South Korea cyberattack traced to U.S. and Europe, not China

Some of the malicious software that paralyzed computer networks at major South Korean banks and TV broadcasters last week originated in the United States and three European countries, authorities in Seoul said Monday.

“We traced some IP [Internet protocol] addresses found on [affected] computer networks to overseas sources like the U.S. and a few European countries,” an official of Seoul’s telecommunication regulator, the Korea Communications Commission (KCC), told the Chosun Ilbo newspaper Monday.


SEE ALSO: Experts: North Korea training teams of ‘cyberwarriors’


Yonhap news agency reported that Seoul’s National Police Agency had asked the United States and three unnamed European nations to assist in the investigation by providing help in identifying the users of the IP addresses.

Three national South Korean TV broadcasters and three major banks suffered a massive cyberattack Wednesday when malicious software, or malware, wiped all the data from more than 30,000 computers, knocking bank websites offline and closing ATMs.

Following the attack, the KCC initially said it had traced the malware to a Chinese IP address, fueling speculation that North Korea might be behind the incident.

But the next day, the commission said it had been mistaken, blaming the rush to make public as much information about the attack as possible.

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.

About the Author
Shaun Waterman

Shaun Waterman

Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...

Latest Stories

Latest Blog Entries

Comments
blog comments powered by Disqus
TWT Video Picks