http://times.hankooki.com/lpage/tech/200702/kt2007021916025512350.htm By Kim Tae-gyu Staff Reporter 02-19-2007 The dominance of the Windows operating system coupled with a lack of interest in cyber security and state-of-the-art Internet infrastructure has made Korea a haven for hackers. Earlier this month hackers launched a powerful offensive on crucial Internet servers, which help manage global computer traffic. On Feb. 6, hackers flooded at least three of the 13 root domain name system (DNS) servers, which connect domain names with Internet protocol addresses to enable people to reach certain Web sites. The attacks, dubbed distributed denial of service (DOS), caused a heavy inflow of Internet traffic directed at root servers. DOS attackers seemed to have tried to bring the Internet pipeline to its knees by flooding it with useless traffic, shutting down all the networks. They failed to disrupt the resilient Internet, which is safeguarded unless all 13 root servers and many more back-up servers are overwhelmed for about a week at the same time. However, the accident spurred concerns about the security of cyber space across the world since it marked one of the most concerted attacks against the Internet's core facilities since a similar assault in 2002. In particular, the attack seems to have involved South Korea as overseas media reported a majority of the rogue data originated from computers in the country. Citing data from the North American Network Operators' Group, the Korean government confirmed 61 percent of the problematic data was traced to South Korea. Hackers and Zombie Computers Yet, the Ministry of Information and Communication flatly rebuffs the suspicion that Korea was the main culprit behind the cyber attacks. ``We learned a host server in Coburg, Germany ordered a flurry of Korean computers to stage DOS assaults on the root servers,'' said Lee Doo-won, a director at the ministry. ``In other words, Korean computers affected by viruses made raids into the root servers as instructed by the German host server. Many of our computers acted like zombies,'' Lee said. A zombie computer refers to a computer infected with malicious code, which allows a host computer to access to its system and manipulate its operations. As soon as an e-mail recipient opens a virus-embedded mail and executes it, the computer becomes a zombie. Hackers sometimes capitalize on the weakness of unpatched operating systems to create an army of zombie computers. Most owners of zombie computers are unaware that their system is being used in this way. Korea has long been touted as a hotbed for hacking activity because the country has a wide-ranging interconnected network, a necessity for creating zombie computers. Roughly 14 million out of the nation's 15.5 million households are hooked up to the always-on high-speed Internet to mark the world?s highest broadband penetration rate. ``The envied broadband infrastructure was abused by hackers so the United States regarded Korea as the major source of the DOS attacks,'' Lee said. ``Things have become aggravated because many Korean computer users did not patch up their security holes, making them vulnerable to the secret raids of zombie specialists,'' he said. Indeed, the download rates for Windows operating system patches are much lower in Korea than elsewhere in the world, according to Microsoft, the maker of the Windows software. Worst-Case Scenario Experts warn that the nation's ambitious scheme of upgrading its infrastructure to a broadband convergence network (BcN), may end up giving ammunition to hackers. The government plans to increase the speed of the Internet to 100 megabits per second (Mbps) by 2010, about 50 times faster than the current 2Mbps. The increase in speed means BcN subscribers can download a two-hour high-definition movie file in one minute, compared to the one hour needed today. To help encourage a smooth transition to BcN, the government looks to spend 1.2 trillion won through 2010 and draw 800 billion won in investment from the private sector. The number of BcN subscribers, which topped the 5 million mark late last year, is expected to surpass 8 million later this year, more than half of the total Internet user base. ``The fast BcN network is a two-edged sword. It can be employed either to make our daily life more convenient or to attack the root servers,'' an official at the state-backed Korea Information Security Agency said. ``We are concerned that the BcN network may give a machine gun to zombie computer controllers instead of the traditional handguns,'' the official stated. He articulated that the best way to prevent the abuse of the ultra-fast Internet network is to keep people alert on cyber security issues through periodic patch upgrades. Some observers point their fingers to the dominance of Microsoft Windows operating system as part of the reason behind Korea's recent DOS assaults. ``In the distributed DOS attacks on root servers, all of the zombie computers were based on a Windows operating system,'' a Seoul analyst said. ``Our over-reliance on Windows can attract hackers. We have to make things tough for the unscrupulous troublemakers by reducing dependence on the operating system,'' he said. Almost 99 percent of domestic personal computers run a version of the Windows operating system. ______________________________________ Subscribe to the InfoSec News RSS Feed http://www.infosecnews.org/isn.rss
This archive was generated by hypermail 2.1.3 : Mon Feb 19 2007 - 23:36:46 PST