At least two computer servers and a personal computer in Japan were among 746 computers in 70 countries that were used in extensive cyber-attacks in South Korea in March, the National Police Agency said Thursday.
The two servers are owned by small and midsize enterprises in Hokkaido and Kagawa Prefecture, respectively, while the personal computer is owned by a man in Tokyo.
The Hokkaido server and Tokyo computer were to have been found infected with viruses called "bot," which enables the sender to control other computers.
The server in Kagawa Prefecture was not infected with these viruses but was used in the attacks.
As servers and PC owners often fail to notice their machines have been infected with a virus, the NPA has urged computer owners and servers to tighten security measures.
The attacks affected 40 South Korean Web sites, including those operated by governmental organizations and financial institutions, the NPA said. The agency has been investigating Japanese servers and PC owners after receiving a South Korean request through Interpol.
For three days until March 5, Web sites of South Korea's Blue House presidential palace, military forces, Foreign Affairs and Trade Ministry, and securities companies suffered access problems because of denial of service, which occurs when an enormous quantity of data is sent simultaneously or over a short period of time.
According to the NPA, South Korean authorities located about 100,000 computers that had sent a huge quantity of data by analyzing communication history logs.
The authorities further located computers in 70 countries that directed these computers on when and what they would attack.
Three points of origin were detected in Japan.
The personal computer in Tokyo was connected to the Internet around the clock but did not have antivirus software installed, making it vulnerable to outside intrusion.
Those directing the cyber-attacks could face charges of forcible obstruction of business under South Korean law.
However, the owners of computers used in the attacks do not face charges as their computers were manipulated by others.
The NPA said North Korea is believed to be behind the attacks.
(Sep. 23, 2011)