Yoon replaces 6 ministers ahead of his 3rd year, general election
US deploys fighter jets in S. Korea for air exercise in Singapore
S. Korea's economy grows 0.6% in Q3, unchanged from earlier estimate
S. Korea successfully tests solid-fuel space rocket
Another search targets opposition leader in corruption probe
Generational shift looms in SK leadership
[KH Explains] Why tighter US subsidy rules could boost Chinese firms
US rejects NK's 'double standard' claim on Seoul's satellite launch
Majority of Korean office workers sleep deprived
Province office raided in probe into wife of opposition leader
Seoul blames Pyongyang for cyber attacks
Investigators find N.K. agency masterminded March 20-26 onslaughtBy 윤민식
Published : April 10, 2013 - 15:07
North Korea’s top military agency was behind the series of cyber attacks against South Korean broadcasters and financial institutions that took place March 20-26, the Seoul government announced Wednesday.
The Ministry of Science, ICT and Future Planning said its initial investigation found that the attacks were masterminded by the Reconnaissance General Bureau, Pyongyang’s premier intelligence body that is reported to be overseeing the operations of a special elite unit consisting of thousands of cyber warfare experts.
The team, consisting of government, military and civilian organizations, also said that those responsible appeared to have implanted the codes used in the attack as many as eight months ago.
“The attacker gained control of personal computers or server computers within the target organizations at least eight months ago,” the ministry said. The ministry also announced that the government would hold a cyber security conference on Thursday as part of efforts to establish tougher cyber defenses against future attacks.
“After maintaining monitoring activities, (the attackers) sent out the command to delete data stored in the server, and distributed malware to individual computers through the central server.”
On March 20, the websites and internal networks of broadcasters KBS, MBC and YTN, and three financial institutions including Shinhan Bank and Nonghyup, experienced malfunctions due to malware that originated from overseas.
Less than a week later, attacks were carried out against organizations concerning North Korea and those operated by conservative groups, resulting in their data being deleted.
The investigation has shown that more than 30 of the 76 different types of code collected from equipment affected or involved in the last month’s attack were identical to those used in previous attacks.
In addition, 22 of the 49 internet protocol addresses involved in the attack were the same as those used in cyber attacks carried out by North Korea since 2009, the Science Ministry said.
The investigators also said that at least six computers located within North Korea accessed the financial institutions’ computer systems on 1,590 occasions since June 28, 2012.
Over the period, the North Korean hackers spread malware and extracted information stored in the affected computers.
By Choi He-suk (email@example.com)
Korea unveils plan to tackle ailing mental health
[KH Explains] China ups OLED ante to take over Korean shares
6 outgoing ministers ‘strong candidates’ for general elections: ruling party