China, North Korea, Implicated in Cyberattack on South Korea's Banks
March 21, 2013 5:56 PM
comment(s) - last by
Chinese IP address carried out the attack on Wednesday, according to SK officials
flaring tensions with neighboring North Korea
, South Korea was hit on Wednesday by a major cyberattack. The attack left 32,000 servers at media and financial companies damaged, according to government officials. According to South Korea's National Computing and Information Agency the attack affected nine companies -- three broadcaster, four banks, and two insurance companies -- and was carried out via infectious malware.
I. Damaging Cyberattack Came From Chinese IP, NK Suspected
China has officially condemned recent
North Korean nuclear tests
, back harsh new UN sanctions for the first time. But an investigation by the South Korean government raises questions of just how opposed to North Korean aggression China is, as the attack was
traced back to a Chinese IP address
South Korea's Communications Commission announced on Thursday that it had traced the attack back to China. Hong Lei, a Chinese foreign ministry spokesman, quickly denied that his nation had anything to do with the punishing assault. He comments, "We have pointed out many times that hacking is a global issue. It is anonymous and transnational. Hackers would often use IP addresses from other countries to launch cyberattacks."
While the attack's path through China raises tough questions, it is believed that it was North Korea who authored the code involved in the blast. Adam Segal, a cybersecurity expert with the Council on Foreign Relations, asserts that North Korea is thought to have carried out a similar attack during a rise in tensions a couple of years ago. He appears to be referring
to 2009, 2010, and 2012 attacks
, which struck South Korean banking and media institutions. South Korean officials blamed those attacks on North Korean hackers.
The attack crippled ATMs in South Korea on Wednesday. [Image Source: AP]
The damage from the attack was most secure at the financial institutions. While one of the banks -- Seoul's Woori Finance Holdings Comp. Ltd. (
) -- repelled the attack and stayed open, three other banks -- Shinhan Financial Group Comp., Ltd. (
), Nonghyup, and Jeju -- were so badly affected, they were forced to close. Internet banking, ATMs and telecommunication services were all impacted.
At TV stations, the impact was less pronounced; some editing systems were taken offline.
II. North Korea Accused U.S. of Cyberattacks Last Week
North Korea last week scrapped a 60-year-old armistice agreement that ended the Korean War, announcing its plans to attack South Korea. Since then the U.S. has deployed B-52 bombers flying over South Korea, ready to strike targets in the North if necessary. The U.S. is also deploying missile interceptors to prevent the crude nuclear missile Washington believes North Korea to be developing from hitting cities in South Korea, Japan, or the U.S.
The cyberattacks may be a two way street. Last week North Korea's state-run Korean Central New Agency (KCNA) accused the U.S. and South Korea of "intensive and persistent virus attacks."
North Korea is on the verge of war with its neighbor. [Image Source: CNN]
The two nations have long accused each other of cyberwarfare. In testimony to Congress last year, Gen. James D. Thurman asserted North Korea was spending a large amount to develop cyberoffensive capacity, commenting, "North Korea employs sophisticated computer hackers trained to launch cyberinfiltration and cyberattacks. Such attacks are ideal for North Korea, providing the regime a means to attack [South Korea and the U.S.] without attribution."
The malware in Wednesday's attacks is a newer version of a strain of malware known as "DarkSeoul".
The U.S. reportedly has carried out
a series of
This article is over a month old, voting and posting comments is disabled
3/21/2013 11:50:35 PM
Can someone *please* explain to me how China can handwave away attacks that move across the Great Firewall? If their cross-boarder internet is as locked down and watched as they say and as it seems to be, how does traffic move across it without them being able to track it or do anything about it?
RE: Great firewall
3/22/2013 8:19:40 AM
I'm with you. North Korean doesn't strike me as a cyber warfare powerhouse. Their glorious leader doesn't even think the residential districts should be wired, though he does make concessions for the industrial sectors. I have no doubt they could successfully attack South Korea, but getting in and out of the Chinese firewall while making it look like it originated from China seems a bit beyond the capabilities of a nation so opposed to general internet access.
RE: Great firewall
3/22/2013 8:22:59 AM
Government officials are not bound by the same rules that the rest of the Chinese population is which also puts computers outside of the firewall or better yet, Internet Filter.
Just like companies that have firewalls and filters, an infected computer can still access almost anything from within a company. Would be the same for China.
"It's okay. The scenarios aren't that clear. But it's good looking. [Steve Jobs] does good design, and [the iPad] is absolutely a good example of that." -- Bill Gates on the Apple iPad
Intelligence Adviser Warns China's Hacking is Hurting Relations, China Offers Talks
March 12, 2013, 2:27 PM
China Losing Patience as North Korea Threatens Nuclear Strike on U.S.
March 7, 2013, 4:37 PM
North Korea Conducts Third Nuclear Test, Upsets U.N.
February 12, 2013, 6:23 PM
Iran Accuses U.S., Israel of Causing "Unwanted Slowness" on its Internet
October 4, 2012, 4:34 PM
United States Accused of Using Flame to try to Cripple Iran's Economy
June 22, 2012, 1:31 PM
Microsoft Protecting International Customer Data Through Increased Encryption, Litigation
December 5, 2013, 6:15 PM
Hackers Nab 2 Million Login Credentials from Facebook, Gmail, Twitter
December 5, 2013, 1:00 PM
Dutch Gov. to Google: Don't Spy on Us
December 2, 2013, 1:21 PM
Quick Note: Amazon to Use Unmanned Drones for 30 Minute Package Deliveries
December 2, 2013, 11:51 AM
Quick Note: Wi-Fi Hack Prompts European Parliament to Eliminate Access
November 29, 2013, 11:05 AM
NYT: NSA May Have Spied on Google, Yahoo Data Centers Via Fiber-Optic Cables
November 26, 2013, 3:35 PM
Most Popular Articles
NSA Snares Americans' Porn Viewing Histories in Effort to Target Muslims
December 1, 2013, 9:00 PM
Coalition of 20+ Tech Firms Backs MRAM as Potential DRAM, NAND Replacement
November 29, 2013, 11:59 PM
Dow Chemical to NYC City Council: You Don't Even Know What Styrofoam is!
December 2, 2013, 8:30 PM
Fed Up With Cheating OEMs, Microsoft Trolls Chromebooks in New Ad
November 27, 2013, 4:09 PM
OCZ Goes Bankrupt, SSD Assets are Targeted by Toshiba
December 1, 2013, 9:58 PM
Latest Blog Posts
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
AT&T Explores $100B+ USD Deal to Acquire Vodafone's European Operations
Nov 4, 2013, 7:34 AM
U.S. Army Developing Cyber, Electronic War Arsenal
Oct 31, 2013, 4:49 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information