Connect with us

Hi, what are you looking for?



South Korean TV Networks, Banks Under Suspect Cyber Attack

SEOUL – The South Korean military raised its cyber attack warning level Wednesday after computer networks crashed at major TV broadcasters and banks, with initial suspicions focused on North Korea.

SEOUL – The South Korean military raised its cyber attack warning level Wednesday after computer networks crashed at major TV broadcasters and banks, with initial suspicions focused on North Korea.

The state-run Korea Internet Security Agency said computer networks at three TV broadcasters — KBS, MBC and YTN — as well as the Shinhan and Nonghyup banks had been “partially or entirely crippled”.

LG Uplus, an Internet service provider, also reported a network crash. An investigator from the specialist cyber wing of the national police agency said the shutdown appeared to have been triggered by a “virus or malicious code”, suggesting a concerted hacking operation.

There was no immediate confirmation of who or what was behind the multiple shutdown, which occurred around 2:00 pm (0500 GMT), but the main finger of suspicion is likely to point at Pyongyang.

Cyber Attack

Wednesday’s crash came days after North Korea accused South Korea and the United States of being behind a “persistent and intensive” hacking assault that took a number of its official websites offline for nearly two days.

The North was believed to be behind two major cyber attacks, in 2009 and 2011, that targeted South Korean government agencies and financial institutions, causing their networks to crash.

In June last year, the conservative JoongAng Ilbo newspaper had its server and website paralysed by a cyber attack that police again attributed to Pyongyang.

Advertisement. Scroll to continue reading.

The South Korean Defence Ministry said it had raised its five-level “Infocon” cyber threat alert status from four to three.

With military tensions on the Korean peninsula at their highest level for years following the North’s nuclear test last month, the Infocon level was only recently raised from five to four — with one being the top threat level.

“We do not rule out the possibility of North Korea being involved, but it’s premature to say so,” Defence Ministry spokesman Kim Min-Seok said.

Shinhan Bank said in a statement that it had been forced to turn away branch customers, while its Internet banking and ATM operations were also badly affected.

However, the network was restored after four hours, the bank said.

A KBS labour union spokesman said all the broadcaster’s computers had crashed simultaneously. Although it remained on air, journalists had difficulty filing stories because they could not access the network, he said.

“We still have no idea who was behind the attacks,” said a spokesman from the broadcasting watchdog Korea Communications Commission.

“The related government agencies are investigating affected PCs. We need more time to figure out who did it, and why,” the spokesman said.

The National Computing and Information Agency, which oversees all the computer networks of government organisations, said its system had been unaffected.

South Korean intelligence officials say North Korea is believed to have a cyber warfare unit staffed by around 3,000 people handpicked for their computing prowess.

Seoul’s Korea Internet Security Agency recorded 40,000 cases of cyber attacks from foreign and domestic sources in 2012, up sharply from 24,000 in 2008.

“South Korea is an IT superpower with good infrastructure but remains relatively vulnerable to hacking,” Park Soon-Tai, manager of the agency’s hacking response team, told AFP in a recent interview.

China, North Korea’s main patron which has angrily denied being behind a spate of cyber attacks on US interests, said the incident in South Korea showed the importance of a collective response to IT threats.

“China would like to work with other countries based on mutual respect and mutual trust in constructive cooperation in this field,” foreign ministry spokesman Hong Lei said.

In a phone call to South Korean President Park Geun-Hye, China’s new leader Xi Jinping said Beijing was willing to help promote “reconciliation” between Seoul and Pyongyang amid the current tensions.

RelatedSouth Korea Says North Was Behind Cyber Attack on Newspaper

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...


Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.