Open

Coming up

Don't miss

Replay


LATEST SHOWS

MEDIAWATCH

No strategy and a beige suit

Read more

THE WORLD THIS WEEK

The World This Week - 29 August 2014 (part 2)

Read more

THE WORLD THIS WEEK

The World This Week - 29 August 2014

Read more

ENCORE!

Alain Choquette: A Hilarious Magician in Paris

Read more

FOCUS

France welcomes Iraqi Christian refugees

Read more

FRANCE IN FOCUS

Emmanuel Macron: A new economy minister with a pro-business agenda

Read more

THE OBSERVERS

More of this year's best Observers stories

Read more

#TECH 24

Changing the world, one video game at a time

Read more

IN THE PAPERS

Socialist Party summer conference kicks off in explosive atmosphere

Read more

  • Exclusive: Fabius warns of further sanctions against Russia

    Read more

  • British killer escapes from French psychiatric hospital

    Read more

  • First case of Ebola confirmed in Senegal

    Read more

  • Police hunt for British boy with brain tumour taken to France

    Read more

  • Chelsea’s Torres set for AC Milan switch

    Read more

  • Ukraine to relaunch NATO membership bid

    Read more

  • France shines in IMF list of world’s promising economists

    Read more

  • Mapping Ukraine: Canada and Russia in ‘tweet for tat’ row

    Read more

  • Obama has 'no strategy yet' on potential Syria strikes

    Read more

  • Netflix to woo French with ‘House of Cards’ set in Marseille

    Read more

  • French businesses ‘hoping for a new Thatcher’

    Read more

  • Syrian refugees surpass 3 million, UN says

    Read more

  • West backs Ukrainian claims of Russian incursion

    Read more

  • Libyan PM resigns as Islamists set up rival administration

    Read more

  • UN says 43 peacekeepers captured in Golan Heights

    Read more

  • The deleted tweets of Manuel Valls

    Read more

  • Peru seizes record 6.5 tonnes of Europe-bound cocaine

    Read more

  • Pakistan army to mediate between PM, protesters

    Read more

  • In pictures: Billions of locusts invade Madagascan capital

    Read more

  • Brad Pitt and Angelina Jolie say ‘I do’ in France

    Read more

Asia-pacific

S. Korean cyber attack traced to Chinese IP address

Text by News Wires

Latest update : 2013-03-21

A cyber attack that shut down thousands of computers at South Korean banks and media outlets this week has been traced to a Chinese IP address, authorities said Thursday, although those responsible could have been operating anywhere in the world.

Investigators have traced a coordinated cyberattack that paralyzed tens of thousands of computers at six South Korean banks and media companies to a Chinese Internet Protocol address, authorities in Seoul said Thursday.

IP addresses, which are unique to each computer connected to the Internet, can easily be manipulated by hackers operating anywhere in the world, and the investigation into who was actually behind Wednesday’s attack and whether they were in China could take weeks. Suspicion for the simultaneous shutdown is still focused on North Korea, which has threatened Seoul and Washington in recent days over U.N. sanctions imposed for its Feb. 12 nuclear test and is accused of waging similar cyberattacks over the past four years.

The cyberattack did not affect the government or military, and there were no immediate reports that customers’ bank records were compromised. But it disabled scores of cash machines across the country, disrupting commerce in this tech-savvy, Internet-dependent country, and renewed questions about South Korea’s Internet security and vulnerability to hackers.

If the attack was in fact carried out by North Korea, the purpose would seem to be to send a tacit message -- and a warning -- to South Korea that Pyongyang is capable of breaching its computer networks.

On Thursday, only one of the six targets, Shinhan Bank, was back online and operating regularly.

South Korean investigators say there is no proof yet that North Korea was behind the attack. However, the outage took place as Pyongyang warned Seoul against holding joint military drills with the U.S. that it considers rehearsals for an invasion.

North Korea also has threatened retaliation for sanctions imposed for the nuclear test, as well as its launch of long-range rocket in December. Pyongyang blames Seoul and Washington for leading the push to punish the North.

The Korean Peninsula has remained in a technical state of war, divided by a heavily militarized border, since the foes signed a truce in 1953. Over the past decade, the two Koreas have engaged in deadly naval skirmishes in waters that both countries claim. And increasingly, their warfare has extended into cyberspace.

Seoul’s National Intelligence Services believes Pyongyang was behind six cyberattacks between 2009 and 2012.

Pyongyang, meanwhile, blamed Seoul and Washington for an Internet shutdown that disrupted its network last week.

“If it plays out that this was a state-sponsored attack, that’s pretty bald-faced and definitely an escalation in the tensions between the two countries,” said James Barnett, former chief of public safety and homeland security for the U.S. Federal Communications Commission.

An ominous question is which other businesses, in South Korea or elsewhere, may also be in the sights of the attacker, said Barnett, who heads the cybersecurity practice at Washington law firm Venable.

“This needs to be a wake-up call,” he said. “This can happen anywhere.”

Wednesday’s attack in South Korea, which disabled some 32,000 computers at broadcasters YTN, MBC and KBS, as well as three banks, appeared to come from “a single organization,” regulators said. The initial findings were based on results from an investigation into one target, Nonghyup Bank, and the investigation is continuing into the shutdown at the five other firms.

A malicious code that spread through the Nonghyup server was traced to an IP address in China, said Cho Kyeong-sik, a spokesman for the state-run Korea Communications Commission.

The attack may also have extended to the United States. The website of the U.S.-based Committee for Human Rights in North Korea also was hacked, with reports on satellite imagery of North Korean prison camps and policy recommendations to the U.S. government deleted from the site, according to executive director Greg Scarlatoiu.

However, experts say signs do not point to Chinese hackers since Chinese hacking, either from Beijing’s cyber-warfare command or freelance hackers, tends to be aimed at collecting intelligence and intellectual property -- not simply at disrupting commerce.

China also is home to a sizable North Korean community, both North Koreans working in the neighboring nation and Chinese citizens of ethnic ancestry who consider North Korea their motherland.

In 2011, computer security software maker McAfee Inc. said North Korea or its sympathizers likely were responsible for a cyberattack against South Korean government and banking websites that year. The analysis also said North Korea appeared to be linked to a massive computer-based attack in 2009 that brought down U.S. government Internet sites. Pyongyang denied involvement.

Previous hacking attacks on commercial ventures have compromised the personal data of millions of customers. Past malware attacks also disabled access to government websites and destroyed files on personal computers.

Last year, North Korea threatened to attack several South Korean news outlets, including KBC and MBC, for reports critical of Pyongyang’s activities.

In recent days, North Korea’s Committee for the Peaceful Reunification of Korea -- a government agency that often targets South Koreans in its push to draw attention to reunification -- warned Seoul’s “reptile media” that the North was prepared to conduct a “sophisticated strike” if its negative coverage continued.

“North Korea has almost certainly done similar attacks before,” said Timothy Junio, a cybersecurity fellow at Stanford University’s Center for International Security and Cooperation. “Part of why this wasn’t more consequential is probably because South Korea took the first major incident seriously and deployed a bunch of organizational and technical innovations to reduce response time during future North Korea attacks.”

South Korea also created a National Cybersecurity Center and Cyber Command modeled after the U.S. Cyber Command. Junio said South Korea’s anti-virus firms also play a large role in stopping hacking attacks.

Immediately after Wednesday’s attack, South Korean regulators distributed anti-virus software to government offices, banks, hospitals and other institutions. It could be days before the targeted companies are back online, and weeks before the investigation is complete.

“Hackers attack media companies usually because of a political desire to cause confusion in society,” said Lim Jong-in, dean of Korea University’s Graduate School of Information Security. “Political attacks on South Korea come from North Koreans.”

(AP)

 

Date created : 2013-03-21

  • NORTH KOREA

    US imposes new sanctions as N. Korea threatens war

    Read more

  • North Korea

    S Korea-US joint drills escalate tensions with North

    Read more

COMMENT(S)