Here’s what happened: Last week saw a coordinated attack from more than 166,000 computers in 74 countries. The attack targeted about three dozen government and commercial websites, effectively shutting them down.
According to online sources, a server in the U.K. coordinated the attack. The server in question belongs to an IP address range of 195.90.118.xxx, where "xxx" are three variable numbers. A company called Global Digital Broadcast owns the IP address range.
But the people behind Global Digital Broadcast say they're innocent, pointing instead to a server based in Miami.
Tech analyst Kim Zetter of Wired.com said that although hawkish elements in Congress are encouraging President Obama to strike back at the cyber-attackers, the server in Miami might be innocent, too.
"[I]t should be noted that the Miami connection was likely just another proxy used by the hacker, who could be based in the U.S. or anywhere else," she wrote.
Another source backs up that analysis. Hanoi-based security firm Bkis Security said that they when they traced the attack to the Miami-based server, they found it belonged to a company called Digital Latin America, but they also found that the server was merely used as a robot to sniff out other vulnerable servers to exploit.
Digital Latin America counsel Amaya Ariztoy said they're cooperating with authorities.
