Chinese address is 'source' of cyberattack on one company hit in South Korean network shutdown
Thursday 21 March 2013
A Chinese internet address was the source of a cyberattack on one company hit in a massive South Korean network shutdown that affected 32,000 computers at six banks and media companies, initial findings indicated today.
It is too early to assign blame - internet addresses can easily be manipulated and the investigation could take weeks.
But suspicion for yesterday's shutdown quickly fell on North Korea, which has threatened Seoul and Washington with attack in recent days because of anger over UN sanctions imposed for its February 12 nuclear test.
South Korean regulators said they believe the attacks came from a "single organisation," but they have still not finished investigating what happened at the other companies.
Experts say hackers often attack via computers in other countries to hide their identities.
South Korea has previously accused North Korean hackers of using Chinese addresses to infect their networks.
Seoul believes North Korea runs an internet warfare unit aimed at hacking US and South Korean government and military networks to gather information and disrupt service.
The attack yesterday caused computer networks at major banks and TV broadcasters to crash simultaneously.
It paralysed bank machines across the country and raised fears that the heavily internet-dependent society was vulnerable.
A Chinese address created the malicious code in the server of Nonghyup bank, according to an initial analysis by the state-run Korea Communications Commission, South Korea's telecom regulator.
Investigators are analysing the log-in records and the malicious code collected from the infected servers and computers.
It could take at least four to five days for the infected computers to recover fully, and experts say the investigation could take weeks.
South Korean regulators have also distributed vaccine software to government offices, banks, hospitals and other institutions to prevent more outages.
In an indication of the high tension on the Korean Peninsula, South Korean media reported that North Korea sounded air-raid warnings in radio broadcasts this morning as part of military drills.
The network paralysis took place just days after North Korea accused South Korea and the US of staging a cyberattack that shut down its websites for two days last week.
Loxley Pacific, the Thailand-based internet service provider, confirmed the North Korean outage but did not say what caused it. South Korea denied the allegation.
The attack may have also extended to the US. Greg Scarlatoiu, executive director of the US-based Committee for Human Rights in North Korea, said he discovered early yesterday that their website had been hacked.
They have yet to establish who was behind it but strongly suspect it came from North Korea.
The South Korean shutdown did not affect government agencies or sensitive targets such as power plants or transport systems, and there were no immediate reports that bank customers' records were compromised, but the disruption froze part of the country's commerce.
Some customers were unable to use the debit or credit cards that many rely on more than cash.
At one Starbucks in downtown Seoul, customers were asked to pay for their coffee in cash, and queues formed outside bank machines.
Broadcasters KBS and MBC still did not have full computer use today, but the shutdown did not affect TV broadcasts.
"If it plays out that this was a state-sponsored attack, that's pretty bald faced and definitely an escalation in the tensions between the two countries," said James Barnett, former chief of public safety and homeland security for the US Federal Communications Commission.
- 2 Harry Potter fans can apply to the Hogwarts-inspired College of Wizardry
- 3 Jessica Chambers: 19-year-old woman 'doused with lighter fluid and burned alive' in the US
- 4 Russell Brand calls Nigel Farage 'poundshop Enoch Powell' in BBC Question Time debate
- 5 Orange Wednesdays are no more
Weather bomb in pictures: Storms cuts power for tens of thousands – and snow is on the way
Jessica Chambers: 19-year-old woman 'doused with lighter fluid and burned alive' in the US
Russell Brand calls Nigel Farage 'poundshop Enoch Powell' in BBC Question Time debate
Russell Brand was rendered speechless on Question Time by this man
Fury at Airbus after it hints the super-jumbo may be mothballed
Disgruntled RBS worker writes hilarious open letter to Russell Brand after anti-capitalist publicity stunt leaves him hungry
Nigel Farage defends Kerry Smith 'ch***y' comment: 'If you are going for a Chinese, what do you say you’re going for?'
Nigel Farage's approval rating hits 'record low' as popularity suffers in wake of Ukip sex scandal
Pakistan school attack live: Taliban kill at least 132 children in 'horrifying' massacre
Sony hack: Angelina Jolie branded 'seriously out of her mind' in further embarrassing leaked email saga
Rozanne Duncan: Ukip expels councillor for 'jaw-dropping' comments made in BBC TV interview
£20000 - £21000 per annum: The Jenrick Group: This high quality manufacturer o...
£30000 - £35000 per annum + pension + holidays: The Jenrick Group: Electrical ...
Negotiable: Recruitment Genius: This company offers London's best photo booth ...
£25000 - £30000 per annum: Recruitment Genius: Domestic Gas Service Engineers ...