China, North Korea, Implicated in Cyberattack on South Korea's Banks
March 21, 2013 5:56 PM
comment(s) - last by
Chinese IP address carried out the attack on Wednesday, according to SK officials
flaring tensions with neighboring North Korea
, South Korea was hit on Wednesday by a major cyberattack. The attack left 32,000 servers at media and financial companies damaged, according to government officials. According to South Korea's National Computing and Information Agency the attack affected nine companies -- three broadcaster, four banks, and two insurance companies -- and was carried out via infectious malware.
I. Damaging Cyberattack Came From Chinese IP, NK Suspected
China has officially condemned recent
North Korean nuclear tests
, back harsh new UN sanctions for the first time. But an investigation by the South Korean government raises questions of just how opposed to North Korean aggression China is, as the attack was
traced back to a Chinese IP address
South Korea's Communications Commission announced on Thursday that it had traced the attack back to China. Hong Lei, a Chinese foreign ministry spokesman, quickly denied that his nation had anything to do with the punishing assault. He comments, "We have pointed out many times that hacking is a global issue. It is anonymous and transnational. Hackers would often use IP addresses from other countries to launch cyberattacks."
While the attack's path through China raises tough questions, it is believed that it was North Korea who authored the code involved in the blast. Adam Segal, a cybersecurity expert with the Council on Foreign Relations, asserts that North Korea is thought to have carried out a similar attack during a rise in tensions a couple of years ago. He appears to be referring
to 2009, 2010, and 2012 attacks
, which struck South Korean banking and media institutions. South Korean officials blamed those attacks on North Korean hackers.
The attack crippled ATMs in South Korea on Wednesday. [Image Source: AP]
The damage from the attack was most secure at the financial institutions. While one of the banks -- Seoul's Woori Finance Holdings Comp. Ltd. (
) -- repelled the attack and stayed open, three other banks -- Shinhan Financial Group Comp., Ltd. (
), Nonghyup, and Jeju -- were so badly affected, they were forced to close. Internet banking, ATMs and telecommunication services were all impacted.
At TV stations, the impact was less pronounced; some editing systems were taken offline.
II. North Korea Accused U.S. of Cyberattacks Last Week
North Korea last week scrapped a 60-year-old armistice agreement that ended the Korean War, announcing its plans to attack South Korea. Since then the U.S. has deployed B-52 bombers flying over South Korea, ready to strike targets in the North if necessary. The U.S. is also deploying missile interceptors to prevent the crude nuclear missile Washington believes North Korea to be developing from hitting cities in South Korea, Japan, or the U.S.
The cyberattacks may be a two way street. Last week North Korea's state-run Korean Central New Agency (KCNA) accused the U.S. and South Korea of "intensive and persistent virus attacks."
North Korea is on the verge of war with its neighbor. [Image Source: CNN]
The two nations have long accused each other of cyberwarfare. In testimony to Congress last year, Gen. James D. Thurman asserted North Korea was spending a large amount to develop cyberoffensive capacity, commenting, "North Korea employs sophisticated computer hackers trained to launch cyberinfiltration and cyberattacks. Such attacks are ideal for North Korea, providing the regime a means to attack [South Korea and the U.S.] without attribution."
The malware in Wednesday's attacks is a newer version of a strain of malware known as "DarkSeoul".
The U.S. reportedly has carried out
a series of
This article is over a month old, voting and posting comments is disabled
3/21/2013 11:50:35 PM
Can someone *please* explain to me how China can handwave away attacks that move across the Great Firewall? If their cross-boarder internet is as locked down and watched as they say and as it seems to be, how does traffic move across it without them being able to track it or do anything about it?
RE: Great firewall
3/22/2013 8:19:40 AM
I'm with you. North Korean doesn't strike me as a cyber warfare powerhouse. Their glorious leader doesn't even think the residential districts should be wired, though he does make concessions for the industrial sectors. I have no doubt they could successfully attack South Korea, but getting in and out of the Chinese firewall while making it look like it originated from China seems a bit beyond the capabilities of a nation so opposed to general internet access.
RE: Great firewall
3/22/2013 8:22:59 AM
Government officials are not bound by the same rules that the rest of the Chinese population is which also puts computers outside of the firewall or better yet, Internet Filter.
Just like companies that have firewalls and filters, an infected computer can still access almost anything from within a company. Would be the same for China.
"DailyTech is the best kept secret on the Internet." -- Larry Barber
IDC: Android Army of Tablets to Surge Past Apple's iPad This Year
March 13, 2013, 9:00 AM
Quick Note: EA Will Add More Servers for "Overworked" SimCity
March 7, 2013, 1:24 PM
Chrysler Takes the Plunge, Will Offer V6 Turbodiesel in Ram 1500 This Year
February 14, 2013, 9:46 AM
Iran Accuses U.S., Israel of Causing "Unwanted Slowness" on its Internet
October 4, 2012, 4:34 PM
United States Accused of Using Flame to try to Cripple Iran's Economy
June 22, 2012, 1:31 PM
Tech's Biggest Loser on Tax Day: eBay Pays Nearly 99 Percent Tax Rate
April 15, 2015, 3:28 PM
Death and Dragons -- Report Claims Game of Thrones Hit by Piracy "Tidal Wave"
April 10, 2015, 8:37 AM
Court Blocks Twitter and YouTube in Turkey After Pro-Communist Attack in Istanbul
April 6, 2015, 10:53 AM
In Graphics and Quotes: $10.4 Billion Charter & Bright House Merger
April 2, 2015, 5:19 PM
WSJ Report Implies That Google Leveraged Lobbying to Kill Antitrust Abuse Probe
March 25, 2015, 5:37 PM
Nationalist Hackers From Turkey Cause Chaos, Deface Dozens of Sites
March 16, 2015, 12:29 PM
Most Popular Articles
Raytheon $1.9 Billion Purchase of Websense Raises Tough Questions
April 20, 2015, 1:57 PM
After Record-Setting Week, Samsung Predicts 70 Million GS6/GS6 Edge Sales
April 17, 2015, 8:39 PM
HBO to VPN HBO Now Users: Prove You Live in U.S. or We Will Terminate You
April 21, 2015, 12:17 PM
Testers Trolled by Promise of Uninstallable Windows 10 Preview Build 10061
April 16, 2015, 2:52 PM
Apple Plans In-Store Workshops to Teach Users How to Use Its Smartwatch
April 17, 2015, 1:02 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information