Behind the Cyberattacks on America and South Korea. "Rogue" Hacker, Black Op or Both?
The iconic American investigative journalist I.F. Stone once said, "All governments are run by liars and nothing they say should be believed." Stone's credo is all the more relevant today when it comes to the pronouncements of intelligence agencies and their corporate masters, particularly where official enemies are concerned.
A widespread computer attack that began July 4 took down several U.S. Government, South Korean and financial web sites, the Associated Press reported.
Multiple media reports claim that the Treasury Department, the Department of Homeland Security (DHS), Secret Service, Federal Trade Commission and Department of Transportation web sites were struck by a distributed denial of service (DDoS) assault that began last Saturday.
According to Computerworld, "a botnet comprised of about 50,000 infected computers has been waging a war against U.S. government Web sites and causing headaches for businesses in the U.S. and South Korea." The magazine reported July 7, "on Saturday and Sunday the attack was consuming 20 to 40 gigabytes of bandwidth per second, about 10 times the rate of a typical DDoS attack, one security expert said after being briefed by the US-CERT on Tuesday. 'It's the biggest I've seen'."
This is particularly embarrassing to DHS since the agency's U.S. Computer Emergency Readiness Team (U.S.-CERT) is responsible for preventing illegal hacking forays on government networks.
Attacks were also reported on the White House, the Department of Defense, the State Department, The Washington Post, U.S. Bancorp, the New York Stock Exchange and Nasdaq. Affected sites in South Korea included those of the presidential Blue House, the Ministry of Defense, the National Assembly, Shinhan Bank and the newspaper Chosun Ilbo. South Korea's top Internet Service Provider, Naver.com, crashed on Tuesday, according to the Associated Press.
Despite the unsophisticated nature of the cyber incursion that employed a variant of the MyDoom virus, unnamed "senior U.S. officials" told The Wall Street Journal that American and South Korean officials are "probing North Korea's possible role." The same anonymous sources said that the botnet attack "coincided with North Korea's latest missile launches and followed a United Nations decision to impose new sanctions."
That the cyber assault also "coincided" with a holiday fireworks accident that killed 5 workers in North Carolina, multiple deaths due to drunk driving on U.S. highways or an Italian railway disaster that claimed 21 lives, is hardly "evidence" of Pyongyang's shadowy hand.
Nevertheless, South Korea's National Intelligence Service (NIS), the successor organization to the Korean Central Intelligence Agency (KCIA), was quick to blame the troglodytic Stalinist regime for the blitz. However, the opposition Democratic Party "accused the spy agency of spreading unsubstantiated rumors to whip up support for a new anti-terrorism bill that would give it more power."
In a media statement NIS said: "This is not a simple attack by an individual hacker, but appears to be thoroughly planned and executed by a specific organization or on a state level."
But given the nature of the event, not all cybersecurity specialists are convinced of a North Korean provenance. Amit Yoran, the former director of DHS' National Cybersecurity Division, told Federal Computer Week: "I think at this point it is highly unlikely, highly improbable that any reliable attack-attribution data is available. It's a very intense process and it could take weeks. ... The analysis here--both technical and nontechnical--is not trivial and takes time."
In other words, NIS pronouncements should be taken with the proverbial grain of salt. After all, this is an agency with a repressive pedigree and its own dodgy agenda. "Trained-up fierce" by the CIA and the Pentagon, the South Korean intelligence service has been involved in some of the worst human rights abuses in East Asia.
According to a series of reports by investigative journalist Tim Shorrock, the agency was involved in the mass murder of its own citizens. In 1980, the Army's feared "Black Beret" Special Forces and the KCIA were given a "green light" by Washington to suppress a pro-democracy uprising in the southern city of Kwangju in which some 2,000 students and workers were massacred; hundreds more were "disappeared," tortured and imprisoned.
And with hostilities between Washington, Seoul and Pyongyang steadily on the rise, one cannot rule out the possibility that the cyberattacks are an exploitable entrée by enterprising security agencies for further escalating the current crisis. Recent U.S. history is replete with examples of "intelligence and facts ... being fixed around the policy."