Seoul: North Korea behind March hacking

North Korea was behind the cyberattack in March that wiped hard drives on more than 30 000 computers at TV stations and disrupted banks in South Korea, a spokesperson for its internet security agency said on Wednesday, ratcheting up the growing tension between the two sides another notch.

The agency said six computers in the North accessed computer servers in the South using more than a thousand access points on the internet, called IP addresses, based overseas. Those were then used to set up the attack.

A spokesperson told the Associated Press that the attack, planned up to eight months earlier, had similarities to past North Korean hacking attempts, which he said were carried out by an espionage agency run by the military there.

That will raise concerns that even a minor conflict between the two nations could be presaged by a cyberattack aimed at critical infrastructure in the South, which is one of the most networked nations in the world – in stark contrast to the North, which is one of the least networked.

Aggressive language
North Korea has been using increasingly aggressive language in public statements: on Tuesday it warned foreigners to leave the South for "safe places", implying a nuclear war was imminent. The two nations have never signed a peace treaty; the three-year-long Korean war ended in a ceasefire, but not a peace treaty. They have remained at war despite the peace that has reigned since July 1953.

The online realm has become the most active frontier in what is so far a phoney war between the two nations. North Korea's Twitter feed was hacked last week, apparently by hackers from the Anonymous collective.

The cyberattack in March was quickly linked to IP addresses in China by authorities in Seoul, who were already suspicious that the North was behind the attacks. Personal computers in broadcasters YTN, MBC and KBS had their hard drives wiped, while cash machines across the country were disabled and about 32 000 computers at two major commercial banks, Shinhan Bank and NongHyup Bank, were affected, according to the South's state-run Korea Internet Security.

Soon after the attack security companies pointed to North Korea as the likely culprit, saying that the tools used for the incursion were outdated by modern hacking standards, and that the targets were not the kind that unaffiliated "hacktivists" would target. – © Guardian News and Media 2013

We make it make sense

If this story helped you navigate your world, subscribe to the M&G today for just R30 for the first three months

Subscribers get access to all our best journalism, subscriber-only newsletters, events and a weekly cryptic crossword.”

Charles Arthur
Charles Arthur works from Tranquility Base Hotel & Casino. Journalist, speaker, moderator. The Guardian’s Technology editor 2009-14. Coming May ‘18: Cyber Wars, on hacking. Prev: Digital Wars: Apple v Google v Microsoft Charles Arthur has over 74656 followers on Twitter.

Related stories


Already a subscriber? Sign in here


Latest stories

Why are we still fighting for equal rights in the...

Women find it more difficult to find employment, are often paid less and have limited opportunities to climb to leadership positions

ANC integrity commission calls for Mkhize’s suspension, labels Kodwa a...

The ANC’s integrity commission has criticised the party’s officials and the national executive committee for suppressing and ignoring its recommendations in its annual report

Inequality defines the nature of South Africa’s economy

This cannot be rectified without redistributing wealth and property – and therefore power

Don’t privatise electricity in South Africa

South Africa must reject green capitalism and develop a public pathway to energy security

press releases

Loading latest Press Releases…