South Korea on high alert for more cyber attacks

South Korea was on high alert Thursday for more cyber attacks amid suspicions that North Korea was behind a recent wave of Web site outages in the South and in the United States.

A computer security company warned that another wave of attacks was expected in South Korea later in the day.

Seoul-based antivirus software developer AhnLab said it has analyzed a virus program that sent a flood of Internet traffic to paralyze Web sites in both countries. It said seven South Korean sites are likely to be targeted on Thursday, including those of the Ministry of Public Administration and Security, Kookmin Bank and the mass-circulation Chosun Ilbo newspaper.

South Korean intelligence officials believe North Korea or pro-Pyongyang forces were behind the cyber attacks in the U.S. over the July 4 U.S. Independence Day holiday weekend and in South Korea since Tuesday.

Some South Korean sites remained inaccessible or unstable on Thursday including the National Cyber Security Center, affiliated with the main spy agency.

The National Intelligence Service informed members of parliament's intelligence committee of its assessment on Wednesday, according to aides to two of the lawmakers. They spoke on condition of anonymity given the classified nature of the information.

The spy agency declined to confirm the information provided by the aides but said in a statement that the sophistication of the attacks suggested they were carried out at a higher level than rogue or individual hackers.

U.S. authorities also eyed North Korea as the origin of the trouble, though they warned it would be difficult to identify the attackers quickly.

Three U.S. officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved Kim Jong Il's government in Pyongyang. They spoke on condition of anonymity because they were not authorized to speak publicly on the matter.

On Thursday, the Dong-a Ilbo newspaper reported that South Korea has detected signs that North Korea or its sympathizers in China or elsewhere committed the cyber attacks.

The paper, citing an identified government official, said the assessment was made after an investigation on infected computers' IP addresses — the Internet equivalent of a street address or phone number.

South Korean media reported in May that North Korea was running a cyber warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service.

The communist North has recently engaged in a series of threats and provocative actions widely condemned by the international community including a nuclear test and missile launches, including firing seven ballistic missiles on July 4 in violation of U.N. Security Council resolutions.

The cyber outages were caused by so-called denial of service attacks in which floods of computers all try to connect to a single site at the same time, overwhelming the server that handles the traffic, the state-run Korea Information Security Agency said.

In South Korea, 12 sites were initially attacked Tuesday, followed by attacks Wednesday on 10 others, including those of government offices like the presidential Blue House and the Defense Ministry, banks, vaccine firms and Web portals. The U.S. targets included the White House, Pentagon, Treasury Department and the New York Stock Exchange.

South Korea issued a cyber security alert Wednesday, establishing an ad-hoc office to monitor and obstruct cyber attacks on state agencies around the clock. The Ministry of Public Administration and Security said in a statement that personal computers of all civic servants are required to undergo an emergency inspection.

There were no immediate reports of financial damage or leaking of confidential national information, according to the Korea Information Security Agency. The attacks appeared aimed only at paralyzing Web sites.