Chinese IP address carried out the attack on Wednesday, according to SK officials

Amid flaring tensions with neighboring North Korea, South Korea was hit on Wednesday by a major cyberattack.  The attack left 32,000 servers at media and financial companies damaged, according to government officials.  According to South Korea's National Computing and Information Agency the attack affected nine companies -- three broadcaster, four banks, and two insurance companies -- and was carried out via infectious malware.

I. Damaging Cyberattack Came From Chinese IP, NK Suspected

China has officially condemned recent North Korean nuclear tests, back harsh new UN sanctions for the first time.  But an investigation by the South Korean government raises questions of just how opposed to North Korean aggression China is, as the attack was traced back to a Chinese IP address.

South Korea's Communications Commission announced on Thursday that it had traced the attack back to China.  Hong Lei, a Chinese foreign ministry spokesman, quickly denied that his nation had anything to do with the punishing assault.  He comments, "We have pointed out many times that hacking is a global issue. It is anonymous and transnational.  Hackers would often use IP addresses from other countries to launch cyberattacks."

While the attack's path through China raises tough questions, it is believed that it was North Korea who authored the code involved in the blast.  Adam Segal, a cybersecurity expert with the Council on Foreign Relations, asserts that North Korea is thought to have carried out a similar attack during a rise in tensions a couple of years ago.  He appears to be referring to 2009, 2010, and 2012 attacks, which struck South Korean banking and media institutions.  South Korean officials blamed those attacks on North Korean hackers.

Shinhan bank
The attack crippled ATMs in South Korea on Wednesday. [Image Source: AP]

The damage from the attack was most secure at the financial institutions.  While one of the banks -- Seoul's Woori Finance Holdings Comp. Ltd. (KRX:053000) -- repelled the attack and stayed open, three other banks -- Shinhan Financial Group Comp., Ltd. (KRX:055550), Nonghyup, and Jeju -- were so badly affected, they were forced to close.  Internet banking, ATMs and telecommunication services were all impacted.

At TV stations, the impact was less pronounced; some editing systems were taken offline.

II. North Korea Accused U.S. of Cyberattacks Last Week

North Korea last week scrapped a 60-year-old armistice agreement that ended the Korean War, announcing its plans to attack South Korea.  Since then the U.S. has deployed B-52 bombers flying over South Korea, ready to strike targets in the North if necessary.  The U.S. is also deploying missile interceptors to prevent the crude nuclear missile Washington believes North Korea to be developing from hitting cities in South Korea, Japan, or the U.S.

The cyberattacks may be a two way street.  Last week North Korea's state-run Korean Central New Agency (KCNA) accused the U.S. and South Korea of "intensive and persistent virus attacks."

North Korea
North Korea is on the verge of war with its neighbor. [Image Source: CNN]
The two nations have long accused each other of cyberwarfare.  In testimony to Congress last year, Gen. James D. Thurman asserted North Korea was spending a large amount to develop cyberoffensive capacity, commenting, "North Korea employs sophisticated computer hackers trained to launch cyberinfiltration and cyberattacks.  Such attacks are ideal for North Korea, providing the regime a means to attack [South Korea and the U.S.] without attribution."

The malware in Wednesday's attacks is a newer version of a strain of malware known as "DarkSeoul".

The U.S. reportedly has carried out a series of similar attacks against Iran.

Source: CNN

"What would I do? I'd shut it down and give the money back to the shareholders." -- Michael Dell, after being asked what to do with Apple Computer in 1997

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki