(CNN) -- The death of Michael Jackson and Internet attacks in the United States and South Korea share a cyber-crime connection.
Almost immediately following Jackson's death, antivirus software companies began seeing links related to the singer that were in fact snares for users to download malignant software, or "malware." Similar sites cropped up related to the death of Farrah Fawcett.
Meanwhile in South Korea, antivirus developers have determined that at least 20,000 computers in the country had been unwittingly co-opted in the cyber attack on Thursday that hit seven large businesses and government Web sites. It was the third wave of attacks since the July 4 Internet assault on government Web sites in Washington and Seoul.
The fake Michael Jackson snares and the large-scale attack in South Korea illustrate the pipeline of cyber crime. Computers are co-opted by malignant software that PC owners unwittingly download by clicking on an infected site or e-mail. The network of infected computers can then be unleashed by criminals in a "denial of service" attack.
In the case of the South Korean attacks, the computers made repeated requests to access the Web sites and overloaded the system, said Philip Kim, CEO of computer security company Ahnlabs in Seoul, South Korea. His Web site also was targeted by recent attacks.
Kim wouldn't comment on where he thought the attacks were generated, but South Korean government officials are pointing toward North Korea.
"For this type of attack, we don't know how the malware got into the computers," Kim said. "There are many different paths that malware can find its way into a computer. ... These are 20,000 computers owned by ordinary people."
Unless users have antivirus software regularly updated, they may never know their computers were used in the attack. Criminals "are designing hacking tools in a smart way, so it doesn't take as many resources in the computer" and slow down performance, which could signal something wrong with the machine, Kim said.
And it's difficult for users to know whether any one Web site is safe. One Web site may have code from six or seven different partners, points out Thomas Parenty, a computer security expert.
"If you go to a site of a hotel and see a map and 'how to get directions,' that's likely provided by a completely different company," Parenty said. "You may go to a trusted Web site, but how do you know all the code on the page is from trusted sources?"
Internet crime has evolved from the vandalism of early worms to schemes to bilk users out of personal information and cash. Now there are more incidents like the cyber attack in South Korea and Washington, which nation-states can use in military or political conflicts.
"You see it in Israel and Palestine, Georgia and Russia, Pakistan and India," said Eugene Spafford, a computer security specialist at Purdue University who has advised two U.S. presidents and numerous companies and government agencies.
The threat is growing of attacks with the possibility of taking down critical national infrastructure systems. Embedded code was discovered in the U.S. power grid two years ago, which could have potentially damaged power supply, two former federal officials told CNN in April.
"This is a kind of threat that hasn't been triggered yet, but it's possible that individuals under color of one nation or cause can, say, take control of a power grid or other critical infrastructure," Spafford said in a recent interview. "It's a potential loss that hasn't happened yet."