South Korea to boost computer security

SEOUL, July 10 (UPI) -- The South Korean Defense Ministry is to spend $20.32 million to improve security for its computer systems after this week's cyberattacks on its Web sites and those of financial institutions.

The move is part of the Ministry of Strategy and Finance's overall government budget announcement. It proposes an across-the-board 5 percent increase to $233 billion for 2010, according to a report by South Korean broadcaster Arirang.

National defense and social welfare research and development were among the areas with the largest budget increases. The Finance Ministry will submit the budget to Parliament for final approval in October.

The broadcaster also noted that the Cyber Terror Response Center, part of the National Police Agency, has set up a team to investigate the cyberattacks. Other departments, including the military, have also launched their own investigations.

Korean media have reported three days of attacks affecting Web sites including the president's office. The attacks occurred at similar times causing disruption of U.S. government Web sites.

The government issued a security warning to businesses in the wake of the distributed denial-of-service attacks, which cause major access slowdown and disablement. DDoS infections are introduced through malicious software that Cheong Wa Dae, the National Intelligence service, has said may have come from North Korean government hackers, although there is yet no official confirmation of their origins.

Major disruptions occurred on Web sites of the National Assembly, the Ministry of Public Information and Security, Kookmin Bank, the daily newspaper Chosun Ilbo and the online shopping site Auction. The Korea Communications Commission believes more attacks could be coming, according to a report in the Korea Times newspaper.

In an effort to stop further attacks, the commission ordered Internet operators KT, SK Broadband and LG Dacom to deny access to 30,000 known virus-infected computers.

Symptoms of DDoS include an unusually slow network performance, according to the U.S. Computer Emergency Readiness Team, part of the National Cyber Security Division of the Department of Homeland Security. Web sites may be unavailable or drastically limit access.

There could also be a large increase in spam e-mails, called an e-mail bomb attack. The bandwidth of a router between the Internet and a local area network may be consumed by an attack, resulting in the shutdown of an entire network.

Security analysts say one of the most effective ways to survive an attack is to have a separate emergency block of IP addresses for critical servers with a separate route.

U.S. Defense Secretary Robert Gates recently announced that the U.S. Strategic Command is to set up a new Cyber Command to oversee information technology security. U.S. President Barack Obama also announced a new cybersecurity office at the White House.

The Pentagon's Cyber Command is expected to be operational by Oct. 1, while South Korea's Defense Ministry has said it will have a similar command running by 2012.