Wednesday, July 8th, 2009...4:15 pm

Why do we care about the July 4th attacks?


Today’s AP Wire, New York Times, and Washington Post (itself a target) are carrying major stories about the high-profile website outages that began last weekend in Korea, and linking them to similar attacks that persist among a number of US Government websites.

All this is a major story (or at least Google News and 1,569 2055 stories on the topic seem to think so). But why? After all, DDoS attacks against government servers, like the one currently afflicting the ROK and US, are not new (thousands allegedly take place daily on the White House alone, and even more interesting cases like last week’s ‘grassroots’ attack on Iranian election and government sites only get a day or two’s press). As it turns out, the early July attacks provide an interesting window into why the mainstream media follows some cyber incidents and not others.

Some theories, including villains and more, after the jump:

  • Everyone loves a good villain (and cyber stories rarely have them, with any certainty).  Is this, at its core, a political story? Much of the early analysis linking the two attacks seemed to be riding the tidal wave of coverage on North Korea’s recent bellicosity. (A quick Google News analysis reports that 1400+ of 1500 stories covering the South Korean attack point to the North as responsible.)
  • Transnationalism: two countries suffer major DDoS attacks in one weekend, one of them the world’s most wired (that would be Korea, for those of you who rush to laud America’s somewhat lagging broadband service).
  • Notable in size, or scope: this particular DDoS seems to be unsophisticated, but quite massive, leading to all sorts of speculation about the attack.  More interesting, however, are the lessons the policy community can draw, namely just how cheap and easy it can be to stifle internet traffic.
  • Symbolism: While many note that the White House was a target of these attacks, the US felt (comparatively) few effects; the South Koreans saw many major government agencies’ sites taken offline and, far more critically, their beloved internet ‘portal’ Naver.  (Ask any Korean under the age of 35: this is a big deal.)

And thus, as with all notable events in the under-explored world of cyber, we’re left with more policy-relevant questions than answers:

  • How do we explain the haphazard selection of US targets (pity the Federal Trade Commission) versus the much more significant ROK ones?
  • ‘If it could take out major ROK sites, could [something on this scale] happen in the US?’  A deeper question might be, ‘if they did, would it matter?’
  • Just how easy is it to take out a dozen or so major public websites? The answer might be: easier than most hawks–notably those that immediately blame the NORKs–think.

Lots of good (albeit tentative) coverage exists across the web on the story, so I’ll avoid full summary; it’s the above questions that will probably stimulate the most discussion.  Next stop: unifying the events, and the North Korea theory.
