Denial of Service attacks could have been engineered by anyone according to Imperva

Burlington, MA & Redwood Shores, CA, July, 2009 (Eskenzi PR) – The hacker attacks on Web sites in South Korea - which spilled over to selected US government sites last week - were almost certainly orchestrated by hackers sympathetic to North Korea, but the attacks could have been organised by anyone with a modest budget, says Imperva, the data security specialist.

"It doesn’t make sense that this attack came exclusively from North Korea. First, the attack was using widespread code executed by zombie computers all over the world. Second, this attack is relatively inexpensive to execute—no more than $50,000—making it doable not just by any government, but also by any Tony Soprano. That’s the really scary part.”," he added.

According to Shulman, whilst the attacks on the US Government and South Korea were almost certainly the result of hackers sympathetic to the cause of North Korea, the government in the North should not be held exclusively responsible.

Further, in the case of US government, he explained, the impact of the attacks could have been easily mitigated. US government has placed too much reliance on multiple Internet service providers. “The US government can learn a lesson from Israel who set up a central connection authority, the Tehila, for all government agencies that provide traffic management services as well as security, redundancy and disaster recovery. In this case, a central authority would have had an easier time blocking an attack of this nature.”

“The attacks,” he went on to say, “show that security experts must never take their eye off of `old school' threats as the industry moves to protect itself from new and more sophisticated attacks. As organisations shift their security focus to protect against data- centric attacks, he said, they should never forget about the importance of perimeter defences.”

"Had the right defences been in place in the first place, the hacker attacks would only have caused a minor slowdown in Internet operations and the hackers would have been unsuccessful in their quest," he added.

For more on the South Korean hacker attack fall-out: http://preview.tinyurl.com/m8ehso

For more in Imperva: http://www.imperva.com

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

<>