SEOUL – South Korea issued a cyber attack alert Tuesday after hackers penetrated a number of official websites, including the presidential Blue House, on the anniversary of the outbreak of the Korean War.
“The government can confirm a cyber attack by unidentified hackers that shut down several sites including the Blue House,” the science ministry said in a statement, adding that the five-stage national cyber alert had been raised from level one to two.
A number of news media websites and several government agencies, including the office for Government Policy Coordination and the ruling New Frontier Party, were also affected by what seemed to be a coordinated attack beginning at 10:45 am (0145 GMT). The hacking coincided with the 63rd anniversary of the start of the Korean War on June 25, 1950.
Related Reading: ‘PinkStats’ Malware Used in Attacks Against South Korea
The ministry statement did not speculate on who might be responsible. Investigations into several recent large-scale cyber assaults on South Korean media groups and financial institutions concluded that they originated in North Korea.
A number of posts left on the hacked sites claimed to be the work of the global “hacktivist” group Anonymous and included messages praising North Korean leader Kim Jong-Un.
As of 0300 GMT, the Blue House website was closed down, with a message saying the site was “under maintenance”.
Anonymous denied any involvement on its official Twitter account, but said it had succeeded in hacking a number of North Korean media websites on Tuesday, including the official Korean Central News Agency (KCNA) and the ruling party newspaper, Rodong Sinmun.
Both sites were briefly inaccessible on Tuesday morning but appeared to be running normally a few hours later.
South Korea has sought to beef up its cyber defenses since a March 20 attack completely shut down the networks of TV broadcasters KBS, MBC and YTN, and halted financial services and crippled operations at three banks.
An official investigation determined North Korea’s military intelligence agency was responsible, with a joint team of civilian and government experts tracing the origin to six personal computers used in North Korea.
In order to spread malware in target computers, the hackers went through 49 different places in 10 countries including South Korea, the investigation found. The North had used 22 of the places in past attacks.
About 48,700 machines including PCs, automatic teller machines and server computers were damaged in the attack, which coincided with heightened military tensions on the Korean peninsula, following Pyongyang’s nuclear test in February.
North Korea was also blamed for cyber attacks in 2009 and 2011 that targeted South Korean financial entities and government agencies.
In testimony last year to the US congressional Armed Services Committee, the commander of US forces in South Korea, General James Thurman, said North Korea was employing “sophisticated computer hackers” trained in cyber attacks.
“Such attacks are ideal for North Korea” because they can be done anonymously, and “have been increasingly employed against a variety of targets including military, governmental, educational and commercial institutions”, Thurman said.
Related Reading: New Malware Variant Discovered in South Korean Attacks
Related Reading: South Korea’s ‘Top Gun’ Cyber Warriors
Related Reading: South Korea Cyber Attacks Used Data-Wiping Trojan
Related Reading: South Korea Rows Back on China Link to Cyber Attack
Related Reading: ‘PinkStats’ Malware Used in Attacks Against South Korea
