Authorities work to unravel attacks on U.S., S. Korean Web sites

WASHINGTON (AP) — U.S. authorities trying to unravel the widespread cyber attacks against government Web sites in America and South Korea this week are facing a lengthy, complex investigation that may never identify a culprit, at least not one they would be willing to reveal.

Cyber experts familiar with the ongoing probe are divided over the extent of North Korean involvement, split between those who believe hackers may have simply used zombie computers in the region and those who think the communist nation has moved to the digital battlefield.

Active involvement by North Korea would signal a new advancement by the nuclear-ambitioned nation.

If Pyongyang is behind the attacks, “it probably establishes a new pattern of behavior,” said Rod Beckstrom, former head of the nation’s cybersecurity center. “If this is them, they are now in the club. And they’re probably only going to get better.”

Effects of the outage lingered Thursday, as State Department spokesman Ian Kelly said that cyber attacks on the department’s computers continued, though not at the high volume seen in the first wave of the assault. A new wave of computer attacks also battered government sites in South Korea but did not knock them offline.

“We are taking measures to deal with this and any potential new attacks,” Kelly said.

Investigators in both the U.S. and South Korea face a steep task in trying to trace the attack to its source. The assault involved more than 100,000 zombie computers linked together in a network known as a “botnet.” Most of those computers were in South Korea, but others were in Japan, China, the U.S. and possibly other countries.

Analysts and former government officials said Thursday the effort to find the culprit in the wave of Web attacks would be a multipronged federal investigation that includes agents lurking in nefarious cyber chat rooms seeking tips on the attackers and analysts poring over the computer code looking for digital fingerprints.