South Korea hit by coordinated cyber attack
An apparently sophisticated and coordinated cyber attack has caused widespread disruption to computer networks and three of South Koreas largest broadcasters and two of the country’s banks.
The attack first showed itself at 2pm on Wednesday when computers at KBS, MBC and YTN shutdown. Upon restarting, the computers displayed error messages saying they were unable to boot. Apparently the boot record or entire operating system has been removed from the computers.
ATMs and online banking service at Shinhan and Nonghyup Banks are also reported to have failed and Internet service provider LG Uplus also said its service was affected, according to a report on MBN.
South Korea’s Blue House said it had assembled a team to urgently investigate the problem.
As with any major cyber attack in South Korea, suspicion has quickly fallen north of the border to Pyongyang.
The suspicion is especially strong since Wednesday’s trouble comes less than a week after two days of disruption to North Korean Internet sites. The North Korean sites became unavailable last Thursday and remained difficult or impossible to access until late Friday.
Renesys, which specializes in network analysis, said this week the cause of the problem was almost certainly on North Korea’s internal network, but it was difficult to say whether it was caused by an attack or something less sinister, like a power failure or configuration error.
Loxley Pacific, the Thai company that operates the connection, told The Associated Press it was investigating an attack and KCNA blamed the outage on a cyber attack carried out by the U.S. and its allies.
“Intensive and persistent virus attacks are being made every day on internet servers operated by the DPRK. These cannot be construed otherwise than despicable and base acts of the hostile forces consternated by the toughest measures taken by the DPRK after launching an all-out action,” KCNA said.
North Korea has been blamed for several previous cyber attacks on South Korean Internet sites and computer networks, including a series of coordinated attacks against government and bank web sites in 2009 and 2011.
A report into the 2011 attacks by U.S. security company McAfee found North Korea or parties closely tied to the country were almost certainly behind the attacks, although it stopped just short of directly accusing the country. Many cyber attacks are sophisticated enough to disguise their source, so even if a source is thought to be identified it could be incorrect.
A big difference between those attacks and what appears to have happened on Wednesday is the impact on PCs. The 2009 and 2011 actions were distributed denial of service attacks, often abbreviated to DDoS, which involve sending massive amounts of traffic to web sites so they become overloaded and cannot handle legitimate traffic. They rarely do any lasting damage.
|Print article||This entry was posted by Martyn Williams on March 20, 2013 at 16:53, and is filed under Hacking, Internet, Security, Websites. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site.|
No comments yet.
about 3 weeks ago - No comments
As a computer-based war-game, the Ulchi Freedom Guardian exercise that begins this week in South Korea requires lots and lots of computers. In pictures released Thursday by the U.S. Department of Defense, some of those computers and the complexity of the set-up can be seen. The images and a video show the inside of the…
about 4 months ago - 2 comments
North Korea strongly denied again on Sunday having anything to do with unmanned aircraft discovered crashed on the South Korean side of the inter-Korean border. Last week, the South Korean government said it had concluded an investigation into the incident and concluded the three drones were launched from North Korea. Among its evidence, Seoul said…
about 8 months ago - 1 comment
A recently-launched iPhone app that delivers articles from the Korean Central News Agency to iPhones and iPads has been banned in South Korea. The app, iJuche, was developed and published in late 2013 and was highlighted on NorthKoreaTech earlier this week. That publicity was apparently enough to get it blocked. “I just got a call…
about 8 months ago - 1 comment
A South Korean businessman has been arrested by local authorities on suspicion of passing classified information and video and audio system technology to North Korea, Yonhap reported on Saturday. The report said the suspect, identified only as a 54-year-old man called “Kang,” worked with agents of North Korea’s Reconnaissance General Bureau to pass the information.…
about 10 months ago - No comments
The various public and private radio stations that aim broadcasts at North Korea have just refreshed their broadcast schedules for the winter season. In addition to the publicly-funded outlets, there are several private stations. Their editorial balance at the stations differ although none are pro-regime stations. Some are jammed by North Korea making reception difficult —…
about 11 months ago - No comments
Despite living in one of the most wired societies in the world, South Korean Internet users enjoy a “partly free” Internet due to government censorship of content, according to the results of a global survey on Internet freedom. Censorship of content, which includes many websites that carry North Korean content, has shot up in recent…
about 11 months ago - 1 comment
South Korean defense officials plan to soon launch a high-tech blimp just south of the disputed maritime border with North Korea in November to get a better look into the neighboring country, according to a report in Stars and Stripes. The airship will hover over the island group that includes Yeonpyong, which is the island that was…
about 1 year ago - No comments
Numerous broadcasts of North Korea’s external radio service and some of the country’s jamming of foreign radio stations has been off air in the last few days, according to several reports. Voice of Korea, which broadcasts in several languages on shortwave to audiences outside of the country, missed many of its scheduled transmissions on July…
about 1 year ago - 1 comment
Tuesday’s series of denial of service attacks on major North Korean websites caused delays and frustration for legitimate users but doesn’t appear to have been as large or successful as the first round of attacks in late March and early April this year. Analysis by NorthKoreaTech.org of data related to the attacks shows the so-called…
about 1 year ago - No comments
The DPRK is loudly protesting the preliminary results of a South Korean investigation that found it was behind widespread computer disruption that hit several TV stations and banks on March 20. [Updated, see below.] The computer attacks wiped clean the hard disk drives of around 48,000 personal computers and servers inside broadcasters KBS, MBC and YTN, and the…