Skip to main content

South Korea: North was behind cyber attacks in March

As tensions continue to escalate on the Korean Peninsula, South Korea has today stated that the North was behind the devastating cyber attacks (opens in new tab) that paralysed scores of computers at national banks and broadcasters in March.

In the immediate aftermath of the attacks - which infected some 48,000 machines belonging to the Shinhan, NongHyup and Jeju banks, and KBS, MBC and YTN TV stations – South Korean authorities were reluctant to point the finger of blame before a full investigation had taken place. But having scrutinised the malicious software involved, the government has singled out its Northern foes over the incident in an announcement sure to heighten animosity in the region.

"An analysis of cyber terror access logs, malicious code and North Korean intelligence showed that the attack methods were similar to those used by the North's Reconnaissance General Bureau, which has led hacking attacks against South Korea," Lee Seung-won, an official at the South’s Ministry of Science, ICT & Future Planning, said in a press conference, reports Yonhap (opens in new tab).

Officials say they have collected evidence showing the North had been preparing the attacks since June 2012, while a host of anti-North websites were also struck by malware from Pyongyang days after the banking and TV networks were targeted, it has been revealed.

Providing more details, the head of South Korea’s Internet Security Centre, Chun Kil-soo, said, "North Korean PCs first used local infiltration routes to test the attack orders in February,” and added that of the 76 pieces of malware used in the March incident, 18 tell-tale strands of code had been used by North Korean hackers in previous attacks.

Taking action to safeguard its digital infrastructure as well as its physical, South Korea last week furthered a cyber alliance with the US (opens in new tab), which will bring greater strategy collaboration and intelligence sharing in the face of North Korean aggression.

Image: Flickr (Cyber Security at the MoD)

Will began working life as a technology journalist at ITProPortal as Senior Staff Writer. He's worked as a Copywriter, then Creative Lead across video, social, email, web and print. He is currently a Senior Content Strategist at Zone.