On Wednesday, North Korean leader Kim Jong Un inspected military drills in which drone planes hit targets and rockets shot down mock enemy cruise missiles. Kim told officers the North should “destroy the enemies without mercy so that not a single man can survive to sign a document of surrender when a battle starts,” according to the official Korean Central News Agency.
North Korea also has claimed cyberattacks by the U.S. and South Korea. The North’s official Korean Central News Agency accused the countries of expanding an aggressive stance against Pyongyang into cyberspace with “intensive and persistent virus attacks.”
South Korea denied the allegation and the U.S. military declined to comment.
Lim said he believes hackers in China were likely culprits in the outage in Pyongyang, but that North Korea was probably responsible for Wednesday’s attack.
“Hackers attack media companies usually because of a political desire to cause confusion in society,” he said. “Political attacks on South Korea come from North Koreans.”
Orchestrating the mass shutdown of the networks of major companies would have taken at least one to six months of planning and coordination, said Kwon Seok-chul, chief executive officer of Seoul-based cybersecurity firm Cuvepia Inc.
Kwon, who analyzed personal computers at one of the three broadcasters shut down Wednesday, said he hasn’t yet seen signs that the malware was distributed by North Korea.
“But hackers left indications in computer files that mean this could be the first of many attacks,” he said.
Lim said tracking the source of the outage would take months.
Associated Press writers Sam Kim and Foster Klug in Seoul and Martha Mendoza in San Jose, Calif., contributed to this report.