A Chinese Internet address was the source of the cyberattacks that hit South Korean banks and broadcasters Wednesday, wiping the memories of as many as 32,000 computers and shutting down ATMs and online banking, authorities in Seoul said Thursday.
“Unidentified hackers used a Chinese [Internet protocol] address to contact servers of the six affected organizations and plant the malware which attacked their computers,” Park Jae-moon, director of network policy at Korea Communications Commission, South Korea’s telecommunications regulator, said in a statement.
South Korean investigators said they have no proof that North Korea was behind the attack.
Wednesday’s cyberattacks, the largest against South Korea in at least two years, came amid rising tensions on the Korean Peninsula and just days after North Korea accused the United States and its South Korean allies of knocking several of Pyongyang’s websites offline last week.
North Korean leaders have ratcheted up their bellicose rhetoric recently. On March 11, Pyongyang said it had scrapped the cease-fire that halted fighting in the Korean War in 1953, though the two sides technically remain in a state of hostilities. However, the U.N. said that neither side can unilaterally end the truce.
Pyongyang was blamed for cyberattacks in 2009 and 2011 that also had targeted South Korean financial institutions and government agencies.
In 2011, computer security software maker McAfee Inc. said North Korea or its sympathizers likely were responsible for a cyberattack against South Korean government and banking websites that year.
The analysis also said North Korea appeared to be linked to a massive computer-based attack in 2009 that brought down U.S. government Internet sites. Pyongyang denied any involvement.
While authorities in Seoul have been investigating the attacks, the three broadcasters and three banks hit said they managed to get their networks and services back online by early Thursday, Yonhap reported.
“We successfully recovered our mainstay network related to programming and advertising this morning, and normalized our service,” an official of the public broadcaster KBS told the news agency. “But we are still working to recover around 5,000 personal computers that came under the attack, and our Web site is still inaccessible.”
The two other broadcasters and the financial companies also said they had recovered their networks, while more work will be required to restore their hundreds of personal computers, Yonhap reported.
⦁ This article is based in part on wire service reports.
© Copyright 2013 The Washington Times, LLC. Click here for reprint permission.
Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...
'Your papers, please' must never be heard in America
Independent voices from the TWT Communities
Empowering mind/body/spirit and health dialogue along with cutting-edge, conscious social, political, and world commentary with Adam Omkara. Join the Evolution!
Born in 1930 in rural Missouri, Charles Vandegriffe, Sr., brings his time and place to the Communities.
Join the Communities and submit your column in response to one written, or on something totally new and unique. We want to hear from you
Entering the world of first time parents, there are lots of secrets unveiled.
Benghazi: The anatomy of a scandal
Vietnam Memorial adds four names
Cinco de Mayo on the Mall