Skip to main content

New Cyber Attacks May Target Your PC

The Korea Communications Commission (KCC), a South Korean government agency, said that the next wave of cyber attacks believed to occur today could strike consumer PCs and wipe out hard drives. The attacks, originally kicking off on July 4th and using the "distributed denial of service" approach, have targeted South Korean and U.S. government and financial institutions throughout the week without causing severe damage or security breaches. However, South Korean web security firm Ahnlab said that the new phase--shifting from attack to destroy--could affect "tens of thousands" of personal computers.

"The affected computers will not be able to boot and their storage files will be disabled," said Lee Byung-cheol of Ahnlab.

Originally North Korea was the prime suspect behind the online assault, and while experts still say that the secluded country could still be the culprit, the source of the cyber attacks now traces back to five separate IP addresses stemming from Germany, Austria, Georgia, South Korea, and the United States. While the actual identity of the party responsible behind the attacks still remains unknown, it's theorized that those IP addresses were used to mask the culprits by accessing infected PCs from remote locations.

Over the course of the week, more details have surfaced on how the three waves of attacks have taken place. The perpetrators used a virus that infected many PCs worldwide, thus creating a nasty botnet. This past weekend, the botnet was activated and began to flood the targeted websites with massive amounts of requests, overloading the servers and knocking many websites offline. Now it's believed that many of those infected PCs will "self-terminate" by wiping out the hard drives sector by sector, or encrypting user data.

Currently the KCC has blocked all five IP addresses that were used to distribute the viruses, cutting off any future attempt to distribute additional viruses or to carry out DDoS attacks. South Korea also blocked an additional 86 IP addresses in 16 countries used to distribute viruses that damaged files or hard disks of infected PCs. By late Friday, South Korea reported 356 cases resulting from the damaging viruses.

South Korea's National Intelligence Service, the country's spy agency, provided lawmakers today with technical and circumstantial reasons why North Korea could be responsible for the assaults, however because probes are still underway, it was too early to place the blame entirely on the North.