Cyber attacks may not have come from North Korea

By Clare Baldwin and Jim Christie - Analysis

SAN FRANCISCO (Reuters) - Cybersecurity analysts raised doubts on Wednesday that the North Korean state launched recent attacks on U.S. government and South Korean websites, saying industrial spies or pranksters could be the villains.

More than two dozen websites in the United States and South Korea, including that of the U.S. State Department, were attacked in recent days.

South Korea's spy agency has said North Korea may be behind the attacks, while the U.S. government has said it is too soon to make such claims -- and Internet security experts agree.

The implications of a state-sponsored attack are severe, said SecureITExperts' Mark Rasch, who led the U.S. Department of Justice computer crimes unit from 1983 to 1991.

"There's no difference between dropping a logic bomb and dropping a TNT bomb in the law of war," he said, but added that while North Korea could have been behind the maneuvers, they did not appear to be coming from computers physically located in the reclusive Asian country.

"This is not something that your average 'script kitty' can do. On the other hand it doesn't require it to be state-sponsored," Rasch said.

The relatively simple "denial of service" attacks aim to overwhelm computers with requests for information. They are designed primarily to disrupt systems rather than penetrate and obtain data, analysts said. They are also difficult to trace.

The attacks could have been a "shot across the bow" by North Korea, the computer equivalent of its recent missile launches, but could also have been conjured up by hackers looking to make quick money or secure bragging rights.  Continued...