South Korea websites hit by fresh cyber attack

SEOUL: The web sites of South Korea's key government agencies and financial institutions came under cyber attack for a second day Saturday, suffering minor damage, communications authorities said.

The Korea and Communications Commission (KCC) said the "distributed denial-of-service (DDoS)" attacks resumed Saturday morning against 29 websites including those of government agencies, Internet portals and banks.

"The homepage of parliament momentarily underwent delays but currently all the websites are operating normally," a KCC official told AFP.

The attacks were fended off as antivirus software was downloaded as a precaution and most "zombie computers" that were inadvertently used to carry out such attacks were turned off on Saturday.

The government and local antivirus firms, however, maintained an alert status for further attacks.

South Korean police have isolated 30 overseas servers that were ordering more than 34,000 zombie computers to carry out DDoS attacks, Yonhap news agency said.

These servers have been traced to 18 countries and territories around the world, including the United States, Russia, Italy, Mexico, Israel and Hong Kong.

Police have contacted overseas law enforcement agencies in attempts to trace the origin of the attacks.

Seoul on Friday issued a cyber security alert as the 29 websites came under DDos attacks.

They included those of the presidential Blue House, the US forces, the military Joint Chiefs of Staff, the ministries of foreign affairs, defence and unification, which handles relations with North Korea, parliament and the tax office.

A DDoS attack often uses viruses planted in "zombie" computers. These seek simultaneous access to selected sites and swamp them with traffic.

In July 2009 a major cyber-attack temporarily shut down 25 sites domestically and in the United States, including those of the State Department, the White House and the Pentagon.

South Korea's spy chief reportedly blamed North Korea's telecommunications ministry for that incident, although US officials reached no conclusion.

In July last year, on the anniversary of the first incident, a number of websites suffered similar DDoS attacks because some contaminated PCs had not been fixed.