Federal Sites Knocked Out by Cyber Attack

Widespread and Resilient Attack Knocked Out Several Government Agencies' Sites Over Weekend

(AP)  A widespread and unusually resilient computer attack that began July 4 knocked out the Web sites of several government agencies, including some that are responsible for fighting cyber crime, The Associated Press has learned.

The Treasury Department, Secret Service, Federal Trade Commission and Transportation Department Web sites were all down at varying points over the holiday weekend and into this week, according to officials inside and outside the government. Some of the sites were still experiencing problems Tuesday evening. Cyber attacks on South Korea government and private sites also may be linked, officials there said.

U.S. officials refused to publicly discuss any details of the cyber attack, and would only generally acknowledge that it occurred. It was not clear whether other government sites also were attacked.

Others familiar with the U.S. outage, which is called a denial of service attack, said that the fact that the government Web sites were still being affected three days after it began signaled an unusually lengthy and sophisticated attack. The officials spoke on condition of anonymity because they were not authorized to speak on the matter.

Web sites of major South Korean government agencies, banks and Internet sites also were paralyzed in a suspected cyber attack Tuesday. Ahn Jeong-eun, a spokeswoman at the Korea Information Security Agency, said the U.S. and South Korean attacks appeared to be linked.

The South Korean sites included the presidential Blue House, the Defense Ministry, the National Assembly, Shinhan Bank, Korea Exchange Bank and top Internet portal Naver. They went down or had access problems since late Tuesday, Ahn said.

The Homeland Security Department confirmed that officials had received reports of "malicious Web activity" and they were investigating the matter, but had no further comment. Two government officials acknowledged that the Treasury and Secret Service sites were brought down, and said the agencies were working with their Internet service provider to resolve the problem.

Ben Rushlo, director of Internet technologies at Keynote Systems, called it a "massive outage" and said problems with the Transportation Department site began Saturday and continued until Monday, while the FTC site was down Sunday and Monday.

Keynote Systems is a mobile and Web site monitoring company based in San Mateo, Calif. The company publishes data detailing outages on Web sites, including 40 government sites it watches.

According to Rushlo, the Transportation Web site was "100 percent down" for two days, so that no Internet users could get through to it. The FTC site, meanwhile, started to come back online late Sunday, but even on Tuesday Internet users still were unable to get to the site 70 percent of the time.

"This is very strange. You don't see this," he said. "Having something 100 percent down for a 24-hour-plus period is a pretty significant event."

He added that, "The fact that it lasted for so long and that it was so significant in its ability to bring the site down says something about the site's ability to fend off (an attack) or about the severity of the attack."

Denial of service attacks against Web sites are not uncommon, and are usually caused when sites are deluged with Internet traffic so as to effectively take them off-line. Mounting such an attack can be relatively easy using widely available hacking programs, and they can be made far more serious if hackers infect and use thousands of computers tied together into "botnets."

For instance, last summer, in the weeks leading up to the war between Russia and Georgia, Georgian government and corporate Web sites began to see "denial of service" attacks. The Kremlin denied involvement, but a group of independent Western computer experts traced domain names and Web site registration data to conclude that the Russian security and military intelligence agencies were involved.

Documenting cyber attacks against government sites is difficult, and depends heavily on how agencies characterize an incident and how successful or damaging it is.

Government officials routinely say their computers are probed millions of times a day, with many of those being scans that don't trigger any problems. In a June report, the congressional Government Accountability Office said federal agencies reported more than 16,000 threats or incidents last year, roughly three times the amount in 2007. Most of those involved unauthorized access to the system, violations of computer use policies or investigations into potentially harmful incidents.

The Homeland Security Department, meanwhile, says there were 5,499 known breaches of U.S. government computers in 2008, up from 3,928 the previous year, and just 2,172 in 2006.

[johninpennsyl]

If it seems obvious it was North Korea,it probably wasn't.
It was probably some "friendly" country with a knowledge of our internal security,trying to make trouble.
Think about it,if you were North Korea,and you had the ability to do this,why would you tip your hand?

[hetup-2009]

If it kept me from getting a speeding ticket or having my license run for warrants this holiday weekend, thank you cyber criminals!

Why don't they do some more "nice" things like swamp the miserable banking institutions to slow down their foreclosures?

I think some good can come out of this.

[salmoc44]

Limbaugh began the Cheney interview with a serious question: "Why did the Administration keep Richard Clarke on the counterterrorism team when you all assumed office in January of 2001?" Cheney not only ducked it but gave an answer that was intentionally misleading: "Well, I wasn't directly involved in that decision. He was moved out of the counterterrorism business over to the cybersecurity side of things ..." (For the record: Clarke not only ran counterterrorism through 9/11 but remained on the job for another year as he watched in disgust the Administration divert its attention from al-Qaeda to Saddam Hussein.)

"Cybersecurity," Rush responded, with more than a bit of ridicule in his voice, "meaning Internet security?"

Cheney gave a reasonable answer to that one?the possibility of hacker terrorists getting into crucial defense-intelligence systems is serious business?but Rush was off to the races, laughing: "Well now, that explains a lot ..." And the Vice President played along: "Well ... he wasn't in the loop, frankly, on a lot of this stuff."

[inachu1]

I wanted to see how the state of affairs of security was goin on a regular broadband connection. So I disabled my router firewall and my windows firewall. I did however password protect my VNC.
Within 10 minutes an ip address from russia took over my pc and started opening windows and end tasked to see what was running.

The internet is not safe at all like it was in the 1990's

[rf35]

I wouldn't put this past N Korea, but it is hardly an excuse to launch a military strike. Rather, the success of the attack only proves that federal web sites require better protection. Personally, I think China is a more likely originator. I doubt the N Koreans are advanced enough to launch that big of an attack on our government web sites.

Since the military web was apparently not affected, I doubt the attack was designed to be more than an annoyance. Maybe they tried to bring down the DoD web sites and failed. In any case, the response to this shuld be to shore up our federal government web secutity, not to engage our already over-taxed armed forces in yet another ill-advised campaign.

[mljohns00]

The whole thing is a waste of money. If you want to blow up something, especially if you are willing to give your life, then you will blow it up. If you can't get to the building you want, then you go to another building. There are plenty.

[fedupredneck]

Feel free- Ill help ya build on to strap on yer back if yer that stupid-just do it in NK.

[pensacola8-2009]

I think it is very wrongful to accuse North Korea or any other nation of the cyber attack. It could have easily been done by anyone from our own nation, or anyone from what is currently considered a friendly nation.

The nature of cyber attacks is just as elusive as the person who sends a letter in the US Postal Service to a specific destiny, but uses a false origination address.

The cyber attacks of Hollywood movies clearly don't give citizens accurate protrayals of what attacks actually do.

There is far more fiction and ignorance on the subject than anything else.

Disabling a computer with an attack or intrusion is often done more by accident, than intention.

[thusspokezara]

Dear Supreme Leader of North Korean. Congratulations on the success of the recent cyber attack. The USA is teetering on the brink. A little push and the country will plunge into an economic abyss. Another series of provocative acts on your part should do the trick. Please consider massing another half a million troops on the DMZ. Then declare that you will invade unless the USA withdraws from South Korea. That should send the DOW below 5,000. Then create a naval crisis. Then, a couple of attacks on American interests in South America should do the rest. Obama of course will do nothing except bear witness.

[chengkeqi]

I am ChengKeQi,from China.Computer hacker is dangers and ugly,disgusting.We must make a law to punish them!

[debinok1]

Of course there is no possible way that NK was involved. They just happen to have an attack on their systems today. Wasn't there some speculation of some kind of attack aimed at the US from them on the 4th, I think I remember hearing something about that.