South Korean cyberattacks linked to known DarkSeoul gang by Symantec Security

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

A shadowy network of hackers dubbed the ‘DarkSeoul gang’ has been linked to a series of cyberattacks on South Korea, with the latest assault coming earlier this week as the peninsula marked the 63rd anniversary of the start of the Korean war.

Analysts at the American computer security firm Symantec have also linked the group to the so-called Jokra attacks in March, which affected servers at South Korean broadcasters and banks. The attacks led the South Korean army to raised its state of readiness, amid speculation about the involvement of the North Korean government.

Symantec, however, said that while it uncovered digital evidence connecting the attacks to a group of 10 to 50 members, it had not traced their identities, leaving the question of their origin unanswered for now.

“The attacks conducted by the DarkSeoul gang have required intelligence and coordination, and in some cases have demonstrated technical sophistication,” the security firm said in blog post on its website.

Although Symantec could not make a connection with Pyongyang, South Korean media has in the past referred to local officials as concluding that the March attacks were indeed the handiwork of North Korean hackers.

The security firm said it expected cyber attacks to continue. “Regardless of whether the gang is working on behalf of North Korea or not, the attacks are both politically motivated and have the necessary financial support,” it warned, adding that the “DarkSeoul gang is almost unique in its ability to carry out such high-profile and damaging attacks over several years.”

The warning comes amid growing concern in capitals around the world about cyber warfare. In the US, China and Iran are often linked to cyber attacks on American businesses. Washington itself has been accused of mounting attacks on Iran. According to Edward Snowden, the former National Security Agency contractor behind the recent series of leaks to The Washington Post and The Guardian about the inner workings of the American intelligence corps, the US has also hacked Chinese mobile phone companies, and a major university.

In the Korean peninsula, while North Korea has been blamed for mounting cyber attacks on the South, Pyongyang has also proclaimed itself a victim of digital warfare. In March, the country’s state news agency blamed the US and “the South Korean puppet regime” for cyber attacks on its digital infrastructure.