Skip to main content

Cyber Attacks May Have Originated in U.K.

Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis) in Vietnam, is claiming that last week's cyber attacks on the United States and South Korea originated in Britain, not North Korea. His analysis is based on data collected that actually contradicts the findings of South Korea and the U.S. It was also reported over the weekend that an IP address originating in Britain was blocked by the Korea Communications Commission. Coincidence? Probably not.

According to Mr. Duc, the infected computers comprising the malicious army flooding websites such as the White House, the Treasury, the FTC, and the National Intelligence Services broadcasted requests every three minutes to one of eight servers. Mr. Duc said that Bkis gained control of two servers that in turn were used to hunt down the master server using an IP range 195.90.118.x. He said that the IP is registered to the Global Digital Broadcast in the U.K.

"Having located the attacking source in UK, we believed that it is completely possible to find out the hacker," he told Daily Tech.

The data collected from the master server indicated that 166,908 PCs in 74 countries were infected. Most of those resided in South Korea, followed by Australia, China, the U.S., Vietnam, and five other countries.