SK Broadband, one of the largest providers of broadband Internet access in Korea, was attacked by the Distributed Denial-of-Service (DDoS) over the weekend, disconnecting its Internet services for about an hour.
DDoS is a kind of cyberattack in which multiple compromised systems are used to target a single network or a machine and make it unavailable to users.
On Saturday at 10:55 a.m., the traffic on SK Broadband’s DNS server soared up to 15 million packets per second (PPS), from its usual average of about 1 million PPS. PPS refers to the number of database transactions performed per second.
The Ministry of Science, ICT and Future Planning said it blocked the cyberattack on SK Broadband and a smaller attack on LG U+ with the help of the Korea Internet Security Agency (KISA) and was able to normalize the service in 70 minutes.
SK Broadband users near Seocho and Dongjak distrcts in southern Seoul were without Internet from 10:55 a.m. until 12:05 p.m. on Saturday.
There was also a mild attack on LG U+, the nation’s third-largest mobile carrier, but it did not have a noticeable effect on the carrier or its users, according to the ministry.
The investigative team at the Science Ministry has confirmed 1,030 Internet Protocol addresses used in the DDoS attack and is analyzing the SK’s DNS server log.
SK Broadband said it is planning to collect and analyze the malware codes used in the attack after it identified zombie PCs among the users.
“It’s not the first time that a mobile carrier has been attacked by DDoS. We are investigating where the attack came from and the exact causes,” said Lim Young-seok, a manager at SK Broadband. “It could take a month, as in the case of previous cyberattacks on banks.”
However, information security companies suggested that the DDoS attack on the mobile carrier and the Internet service provider could be a prelude to a larger cyberattack.
Increased malware activity was recorded ahead of massive cyberattacks on three Korean television stations and a bank on March 20 and a June 25 attack on the Blue House website.
Bitscan, a local securities company, warned that malicious links are at their most active point this year.
“As malwares hover between wired and wireless networks, PCs and mobile devices that are vulnerable to cyberattacks will likely see huge damages,” said a spokesman for Bitscan.