A hacking attack on the servers of South Korean broadcasters and banks originated from an IP address based in China, officials in Seoul said on Thursday, raising suspicions the intrusion came from North Korea.
An unnamed official from South Korea's presidential office was quoted by the Yonhap news agency as saying the discovery of the IP address indicated Pyongyang was responsible for the attack on Wednesday.
At least three South Korean broadcasters were targetted by hackers (Image credit: Getty Images)
A previous attack on a South Korean newspaper that the government in Seoul traced back to North Korea also used a Chinese IP address.
“We've identified that a Chinese IP is connected to the organisations affected,” a spokesman for South Korea's Communications Commission told a press conference.
The attack brought down the network servers of television broadcasters YTN, MBC and KBS as well as two major commercial banks, Shinhan Bank and NongHyup Bank. South Korea raised its alert levels in response.
Investigations of past hacking incidents on South Korean organisations have been traced to Pyongyang's large army of computer engineers trained to infiltrate the South's computer networks.
“There can be many inferences based on the fact that the IP address is based in China,” the communications commission's head of network policy, Park Jae-moon said. “We've left open all possibilities and are trying to identify the hackers.“
It took the banks hours to restore operations. Damage to the servers of the TV networks was believed to be more severe, although broadcasts were not affected.
About 32,000 computers at the six organisations were affected, according to the South's state-run Korea Internet Security Agency, adding it would take up to five days to fully restore their functions.
North Korea has in the past targeted South Korea's conservative newspapers, banks and government institutions.
The biggest hacking effort attributed to Pyongyang was a 10-day denial of service attack in 2011 that antivirus firm McAfee, part of Intel Corp, dubbed “Ten Days of Rain”. It said that attack was a bid to probe the South's computer defences in the event of a real conflict.
North Korea last week said it had been a victim of cyber attacks, blaming the United States and threatened retaliation.
Publish date: March 21, 2013 9:14 am| Modified date: December 19, 2013 10:17 am
Chinese cyber crime, Chinese hackers, Cyber crime in China, Cyber crime in South Korea, General, Hacking, KISA, Korea Information Security Agency, North Korea hackers, South Korea broadcasters hacked, South Korea hacking, South Korea KBS, South Korea MBC, South Korea YTN