The July 2009 cyber attacks were a series of coordinated cyber attacks against major government, news media, and financial websites in South Korea and the United States.
The attacks involved the activation of a botnet—a large number of hijacked computers—that maliciously accessed targeted websites with the intention of causing their servers to overload due to the influx of traffic, known as a DDoS attack.
Most of the hijacked computers were located in South Korea.
The estimated number of the hijacked computers varies widely; around 20,000 according to the South Korean National Intelligence Service, around 50,000 according to Symantec’s Security Technology Response group, and more than 166,000 according to a Vietnamese computer security researcher who analyzed the log files of the two servers the attackers controlled.
Department of Homeland Security (DHS) Documents relating to this incident [ 25 Pages, 1.13MB ]
Department of State Documents relating to this incident [ 322 Pages, 14.16MB ]