Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Nation-State

South Korea Blames North for Recent Cyber Attack

SEOUL – South Korea on Tuesday blamed North Korea for a crippling cyber attack last month against government and media websites, including the president’s office.

SEOUL – South Korea on Tuesday blamed North Korea for a crippling cyber attack last month against government and media websites, including the president’s office.

The accusation came a day before the two Koreas are to hold fresh talks on reopening their joint industrial zone, amid fading hopes of an early agreement following months of friction.

The South’s science ministry said hackers in the attack waged from June 25 to July 1 used at least one IP address that had been utilized in earlier attacks blamed on the North.

RelatedCyber War is a Reality World Must Fight

“North Korea is believed to be behind the attack,” senior ministry official Park Jae-Moon told reporters. The South also blamed the North for major cyber-intrusions in 2009 and 2011 that targeted the South’s financial institutions and government agencies.

And Seoul accused Pyongyang’s military intelligence agency of launching a major cyber attack in March, which shut down the networks of three TV broadcasters and crippled operations at three banks.

The malware used in last month’s attack was found to be a variation of that used in the March 20 cyber attack, Park said.

Almost all websites and servers of 69 government offices and private organizations targeted in the June attack were now operating normally, he said.

“The cyber attack seriously undermined the country’s image by altering the websites of symbolic government organisations, such as the presidential office,” the science ministry said in a statement.

It said the attackers might have stolen some personal information through the website of the presidential office.

The June onslaught began on the anniversary of the outbreak of the Korean War in 1950, after hacking group Anonymous claimed to have attacked pro-North Korean websites.

It was well prepared and more carefully planned than previous attacks, the ministry said, adding the North had then tried to throw the South off the scent by assuming the identity of Anonymous.

North Korea is believed to have a cyber warfare unit staffed by around 3,000 people, analysts say. In response, the South set up a special cyber command unit in 2010.

The cyber attacks have prompted the South to double its Internet security budget and to train 5,000 experts, amid growing concern over its vulnerability.

McAfee said in a report last week that the March onslaught was part of a broad campaign of cyber espionage which dates back at least to 2009.

It said it had found a pattern of sophisticated attacks, including efforts to wipe away traces that could lead to detection.

The March attack followed heightened military tensions sparked by Pyongyang’s nuclear test in February.

Tension has subsidised in recent weeks. The two Koreas have agreed in principle to reopen their jointly-run industrial estate at Kaesong, which shut down in April as relations soured.

A series of meetings have been held at the estate, which opened in 2004 10 kilometres (six miles) north of the heavily-fortified border as a rare symbol of cooperation.

But little progress has been made amid squabbles over which side should take responsibility for the suspension and Pyongyang’s refusal to accept Seoul’s demand for firm safeguards against another unilateral shutdown.

The zone had long remained resilient to turbulence in ties but eventually became the most high-profile victim of the latest flare-up.

The North, citing perceived hostility by the South and Seoul’s joint army exercises with the US, withdrew all its 53,000 workers in April from the 123 South Korean-owned factories.

RelatedSouth Korea Cyber Attack Tied to DarkSeoul Crew: Symantec

Related‘PinkStats’ Malware Used in Attacks Against South Korea, Others

 

RelatedSouth Korea Sounds Alert After Official Websites Hacked

Related: Cyber War is a Reality World Must Fight

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Nation-State

FBI says a North Korea-linked threat group known as Lazarus and APT38 is behind the $100 million Horizon bridge cryptocurrency heist.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).