South Korea hit by coordinated cyber attack
An apparently sophisticated and coordinated cyber attack has caused widespread disruption to computer networks and three of South Koreas largest broadcasters and two of the country’s banks.
The attack first showed itself at 2pm on Wednesday when computers at KBS, MBC and YTN shutdown. Upon restarting, the computers displayed error messages saying they were unable to boot. Apparently the boot record or entire operating system has been removed from the computers.
ATMs and online banking service at Shinhan and Nonghyup Banks are also reported to have failed and Internet service provider LG Uplus also said its service was affected, according to a report on MBN.
South Korea’s Blue House said it had assembled a team to urgently investigate the problem.
As with any major cyber attack in South Korea, suspicion has quickly fallen north of the border to Pyongyang.
The suspicion is especially strong since Wednesday’s trouble comes less than a week after two days of disruption to North Korean Internet sites. The North Korean sites became unavailable last Thursday and remained difficult or impossible to access until late Friday.
Renesys, which specializes in network analysis, said this week the cause of the problem was almost certainly on North Korea’s internal network, but it was difficult to say whether it was caused by an attack or something less sinister, like a power failure or configuration error.
Loxley Pacific, the Thai company that operates the connection, told The Associated Press it was investigating an attack and KCNA blamed the outage on a cyber attack carried out by the U.S. and its allies.
“Intensive and persistent virus attacks are being made every day on internet servers operated by the DPRK. These cannot be construed otherwise than despicable and base acts of the hostile forces consternated by the toughest measures taken by the DPRK after launching an all-out action,” KCNA said.
North Korea has been blamed for several previous cyber attacks on South Korean Internet sites and computer networks, including a series of coordinated attacks against government and bank web sites in 2009 and 2011.
A report into the 2011 attacks by U.S. security company McAfee found North Korea or parties closely tied to the country were almost certainly behind the attacks, although it stopped just short of directly accusing the country. Many cyber attacks are sophisticated enough to disguise their source, so even if a source is thought to be identified it could be incorrect.
A big difference between those attacks and what appears to have happened on Wednesday is the impact on PCs. The 2009 and 2011 actions were distributed denial of service attacks, often abbreviated to DDoS, which involve sending massive amounts of traffic to web sites so they become overloaded and cannot handle legitimate traffic. They rarely do any lasting damage.
|Print article||This entry was posted by Martyn Williams on March 20, 2013 at 16:53, and is filed under Hacking, Internet, Security, Websites. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site.|
No comments yet.
about 1 month ago - No comments
The various public and private radio stations that aim broadcasts at North Korea have just refreshed their broadcast schedules for the winter season. In addition to the publicly-funded outlets, there are several private stations. Their editorial balance at the stations differ although none are pro-regime stations. Some are jammed by North Korea making reception difficult —…
about 2 months ago - No comments
Despite living in one of the most wired societies in the world, South Korean Internet users enjoy a “partly free” Internet due to government censorship of content, according to the results of a global survey on Internet freedom. Censorship of content, which includes many websites that carry North Korean content, has shot up in recent…
about 2 months ago - 1 comment
South Korean defense officials plan to soon launch a high-tech blimp just south of the disputed maritime border with North Korea in November to get a better look into the neighboring country, according to a report in Stars and Stripes. The airship will hover over the island group that includes Yeonpyong, which is the island that was…
about 4 months ago - No comments
Numerous broadcasts of North Korea’s external radio service and some of the country’s jamming of foreign radio stations has been off air in the last few days, according to several reports. Voice of Korea, which broadcasts in several languages on shortwave to audiences outside of the country, missed many of its scheduled transmissions on July…
about 5 months ago - 1 comment
Tuesday’s series of denial of service attacks on major North Korean websites caused delays and frustration for legitimate users but doesn’t appear to have been as large or successful as the first round of attacks in late March and early April this year. Analysis by NorthKoreaTech.org of data related to the attacks shows the so-called…
about 8 months ago - No comments
The various public and private radio stations that aim broadcasts at North Korea have just refreshed their broadcast schedules for the summer season. In addition to the publicly-funded outlets, there are several private stations. Their editorial balance at the stations differ although none are pro-regime stations. Some are jammed by North Korea making reception difficult —…
about 8 months ago - 4 comments
Hot on the heels of a series of attacks that have seen its Internet connectivity severely disrupted, the DPRK appears to be adding an additional route through which it links to the global Internet. The new link began appearing in Internet addressing tables on Monday and connects from Star, the country’s sole Internet service provider,…
about 8 months ago - No comments
The mysterious cyber attack that hit an estimated 32,000 computers at South Korean TV stations and banks last week is looking more interesting, based on the latest analysis from computer security companies. The first immediate analysis concluded that the malicious software was pretty unsophisticated, in part because it was based on a piece of malware that…
about 8 months ago - 6 comments
A cyber attack on three of South Korea’s major broadcasters and several of its major banks appears to have been caused by a relatively unsophisticated piece of software, security researchers said Wednesday. [Story updated, see below] The attacks, which began at around 2pm local time on Wednesday (5:00 UTC) left desktop and laptop computers unable…
about 8 months ago - 1 comment
Last week’s Internet outage that pushed North Korean websites offline for almost two days was probably caused by a problem inside the country, not on an external connection, an Internet researcher said Monday. “The impacted equipment was within North Korea,” said Doug Madory, a senior research engineer at Renesys. On Friday, he published a detailed…