A wilderness of mirrors

From today’s NYTimes..

It is an axiom that “on the Internet nobody knows that you are a dog.”

By the same token, it is all but impossible to know whether you are from North Korea or South Korea.

That puzzle is plaguing law enforcement investigators in several nations who are now hunting for the authors of a small but highly publicized Internet denial-of-service attack that briefly knocked offline the Web sites of some United States and South Korean government agencies and companies.

The attack, which began over the Fourth of July weekend and continued into the next week, led to South Korean accusations that the attack had been conducted by North Korean military or intelligence agents, possibly in retaliation for new United Nations sanctions. American officials quickly cautioned that despite sensational news media coverage, the attacks were no different from similar challenges government agencies face on a daily basis.

Cyberwarfare specialists cautioned this week that the Internet was effectively a “wilderness of mirrors,” and that attributing the source of cyberattacks and other kinds of exploitation is difficult at best and sometimes impossible. Despite the initial assertions and rumors that North Korea was behind the attacks and slight evidence that the programmer had some familiarity with South Korean software, the consensus of most computer security specialists is that the attackers could be located anywhere in the world.

“It would be incredibly difficult to prove that North Korea was involved in this,” said Amrit Williams, chief technology officer for Bigfix, a computer security management firm. “There are no geographic borders for the Internet. I can reach out and touch people everywhere.”

This is the back-story to the post by Mark Anderson that I blogged earlier in the week.