The Inquirer-Home

South Korea cyber attacks probably didn't come from China, regulator admits

Attacks are traced back to one of the country's affected banks
Fri Mar 22 2013, 14:09
security risk management

SOUTH KOREA is none the wiser as to where the cyber attacks launched against it earlier this week originated from, despite the country's communications regulator having traced them back to one of its banks.

The Korea Communications Commission (KCC), which first pointed the finger at North Korea, then China, said today that further investigation into the hacking - which brought down six organisations on Wednesday including broadcasters and banks - showed that the attacks might have come from a computer in one of the affected banks.

The country's telecoms regulator could not immediately determine who was behind the attack when it struck on Wednesday, but suspected that North Korea was involved.

KCC then linked the hacks to China on Thursday, however officials underlined that though the hackers used what appeared to be a Chinese IP address to plant the malicious code, they could have routed their attacks through a Chinese address to cover their true location and identities.

It seems their suspicions were correct, as now the regulator has changed its mind again. Though the attacks now seem to have originated from an affected bank, officials have said today they still believe it was orchestrated from abroad.

The large scale cyber attack was reported by South Korea's national broadcasters KBS, MBC and YTN shortly after 2pm local time Wednesday, with their network systems having been crippled by the attacks.

The three broadcasters were said to experience a locked error screen on their computers, which could not be restarted, while unconfirmed reports suggested that the Shinhan bank was also affected, bringing down its internet banking services and ATM machines.

Security firm Kaspersky has reason to believe that the attention seeking nature of the attacks means that they likely were mounted by a non-affiliated rogue group.

"Obviously, the attacks were designed to be 'loud' - the victims are broadcasting companies and banks. This makes us think we are not dealing with a serious, determined adversary but script kiddies or hacktivists looking for quick fame," read Kaspersky's statement. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Coding challenges

Who’s responsible for software errors?