Quote Originally Posted by marct View Post
Dark Reading just published a report on the recent DDOS attacks on US and South Korean systems.
Unlike the unnamed South Korean intelligence official in the report who attributes this to sophisticated state action, the view in most of the tech community seems to be that this is pretty primitive stuff:

Lazy Hacker and Little Worm Set Off Cyberwar Frenzy
By Kim Zetter
Wired, July 8, 2009

Talk of cyberwar is in the air after more than two dozen high-level websites in the United States and South Korea were hit by denial-of-service attacks this week. But cooler heads are pointing to a pilfered five-year-old worm as the source of the traffic, under control of an unsophisticated hacker who apparently did little to bolster his borrowed code against detection.

Nonetheless, the attacks have launched a thousand headlines (or thereabouts) and helped to throw kindling on some long-standing international political flames — with one sworn enemy blaming another for the aggression.

...

Security experts who examined code used in the attack say it appears to have been delivered to machines through the MyDoom worm, a piece of malware first discovered in January 2004 and appearing in numerous variants since. The Mytob virus might have been used, as well.

...

In the recent attack, experts say the malware used no sophisticated techniques to evade detection by anti-virus software and doesn’t appear to have been written by someone experienced in coding malware. The author’s use of a pre-written worm to deliver the code also suggests the attacker probably wasn’t thinking of a long-term attack.
That, of course, doesn't exclude an unsophisticated NORK recycling some stale hacker tools, but it does perhaps place it in context.

Sam, any thoughts on this one?