More than two dozen Internet sites in South Korea and the United States, including that of the White House, were attacked and some disabled by hackers possibly linked to North Korea, South Korea's spy agency said Wednesday.
An organization and possibly a state were behind the attacks Tuesday in South Korea, the world's most wired nation, and there were signs of "meticulous preparations" for the act, the country's National Intelligence Service said in a statement.
The statement did not offer further details, but South Korean media, including Yonhap news agency, quoted parliament members as saying after a briefing with NIS officials that the spy agency believes "North Korea or pro-North elements" were behind the attacks.
"Malicious programs" were found targeting 26 U.S. and South Korean websites, including that of the White House, NIS officials reportedly said, according to Yonhap.
The attackers tried to jam the websites by overwhelming their data capacity and knocking them out of service, it said.
A cyber attack affected the public websites of several U.S. government agencies, including the Treasury and Transportation departments, the Secret Service and the Federal Trade Commission, officials said. They declined to comment on where the attack may have originated.
The Department of Homeland Security said it had issued a notice to federal agencies on steps to mitigate such attacks.
"We see attacks on federal networks every day, and measures in place have minimized the impact to federal websites," said Amy Kudwa, Homeland Security spokeswoman.
The attacks, which began in the U.S. over the July 4 holiday and in South Korea on Tuesday, were thoroughly prepared and appeared to have been committed by hackers "at the level of a certain organization or state," said a statement from the NIS.
So could the North have carried out such an attack - or hired others to do it?
"That is very possible because those attacks are not very complicated," said Andre Rickardsson, an information-technology security expert at Sweden's Bitsec Consulting. "North Korea is a country that sends up rockets and builds nuclear weapons, so why not build a virus? It's not difficult."
Paul Cornish, director of the international security program at the Chatham House think tank in London, agreed. "You don't need to amass great armies, it can all be done covertly and cheaply" by hiring outside expertise, he said.
For that, suspicions fell on China, Iran or even organized crime.
Countries like Iran and North Korea, as well as terrorist groups, are devoting increasing amounts of resources to cyber and electronic warfare, said Andrew Brookes, a defence analyst with the International Institute for Strategic Studies in London.
"They can't take the West on with conventional tactics like big armies, big air forces or big navies. Instead, they are trying to look to cheaper activities - ballistic missiles, work in space or cyber attacks," he said.
There is likely some collaboration between North Korea, Iran and others on cyber-warfare technology, Brookes said, but the likeliest culprits in the attacks are small-scale computer hackers rather than hostile governments.
"The choice of targets suggests that whatever group is doing it is sympathetic to North Korea," said Gene Spafford, executive director of Purdue University's Center for Education and Research in Information Assurance and Security.
This could include a "for-hire criminal group paid for by North Korea or sympathizers who could be anywhere in the world, including in South Korea, China or even the U.S," he said.
If the North was responsible, it would mark an escalation in tensions already high because of Pyongyang's nuclear test in May, its firing of a barrage of seven ballistic missiles this month, and repeated taunts of long-time foes Seoul and Washington in its official media.