The Return of DDoS
It seems as if every year our peninsula is attacked by "distributed denial of service" (DDoS) or something equivalent and March found us showered again with Internet disobedience. Massive disruption by DDoS attack returned to South Korea with over 10,000 robot networks or "botnets" infecting computers that can then remotely be used for a cyberattack. A number of government websites including Cheong Wa Dae (the presidential office in South Korea or Blue House), the National Intelligence Service (NIS) and the Korean Communication Commission (KCC), along with 40 corporate websites were hit with so much junk traffic that they could no longer accommodate legitimate visitors. In fair comparison it would be like 10 overweight persons trying to get through a revolving door at the same time. It causes no direct physical harm, but is disruptive and costly.
Let's rewind our clocks to the 2009 DDoS attack when approximately 130,000 zombie PCs were involved. The malicious code began spreading through P2P sites and took out parts of our communication networks for about a week. What is different about this new attack is that all 40 harmed websites were local and not only did the code drive up traffic to the attacked sites, it also directly raised the server load. This attack shows more sophistication when compared to the previous ones as the code has improved survivability by blocking the automatic update function of anti-virus programs and hard drives could be destroyed by the infection.
There was a time when we considered these cyber attacks a bunch of nonsense - like meaningless graffiti on a wall. Little is known about the key players who coordinate the operation and DDoS attacks. A relatively small group of people, they are seemingly fuelled by anger, frustration and a strong desire to have their voices heard. These "distributed denial of service" attacks have enough firepower to knock entire countries off the Internet grid and unfortunately have become daily occurrences in recent years, raising fresh concerns within the security community about weaknesses in the Internet infrastructure that help create such weapons of mass disruption.
What does the future hold? Attackers are picking bigger targets and so immediate action is needed. DDoS attacks are already illegal in many European countries and come with a lengthy prison sentence. Governments must start doing their homework at home and urgently get together with their peers to design a global cyber defence system before it's too late. One thing is for certain - since this country has the world's highest percentage of computers with high-speed Internet connections, we know what being victims of DDoS attacks is all about.