Most Popular
-
1
1 in 3 Koreans live alone, family types becoming diverse
-
2
Korea, Japan finance chiefs vow to tame rampant FX market volatility
-
3
US 'incredibly concerned' about suspected NK-Iran military ties
-
4
Sewol victims commemorated on tragedy's 10th anniversary
-
5
K-pop group's manager dismissed for setting up spycam in theater dressing room
-
6
Chanel, Louis Vuitton see muted growth in Korea
-
7
K-pop singer lost consciousness after being hit by foul ball, cancels show
-
8
Korean Muslim YouTuber's plan to build mosque in Incheon goes viral
-
9
[Kim Seong-kon] Democracy and the future of South Korea
![[Kim Seong-kon] Democracy and the future of South Korea](//res.heraldm.com/phpwas/restmb_idxmake.php?idx=644&simg=/content/image/2024/04/16/20240416050802_0.jpg&u=)
-
10
Why is Apple Pay struggling to get purchase in Korea?
![[Kim Seong-kon] Democracy and the future of South Korea](http://res.heraldm.com/phpwas/restmb_idxmake.php?idx=644&simg=/content/image/2024/04/16/20240416050802_0.jpg&u=)
Seoul blames Pyongyang for cyber attacks
Investigators find N.K. agency masterminded March 20-26 onslaught
By 윤민식Published : April 10, 2013 - 15:07
North Korea’s top military agency was behind the series of cyber attacks against South Korean broadcasters and financial institutions that took place March 20-26, the Seoul government announced Wednesday.
The Ministry of Science, ICT and Future Planning said its initial investigation found that the attacks were masterminded by the Reconnaissance General Bureau, Pyongyang’s premier intelligence body that is reported to be overseeing the operations of a special elite unit consisting of thousands of cyber warfare experts.
The team, consisting of government, military and civilian organizations, also said that those responsible appeared to have implanted the codes used in the attack as many as eight months ago.
“The attacker gained control of personal computers or server computers within the target organizations at least eight months ago,” the ministry said. The ministry also announced that the government would hold a cyber security conference on Thursday as part of efforts to establish tougher cyber defenses against future attacks.
“After maintaining monitoring activities, (the attackers) sent out the command to delete data stored in the server, and distributed malware to individual computers through the central server.”
On March 20, the websites and internal networks of broadcasters KBS, MBC and YTN, and three financial institutions including Shinhan Bank and Nonghyup, experienced malfunctions due to malware that originated from overseas.
Less than a week later, attacks were carried out against organizations concerning North Korea and those operated by conservative groups, resulting in their data being deleted.
The investigation has shown that more than 30 of the 76 different types of code collected from equipment affected or involved in the last month’s attack were identical to those used in previous attacks.
In addition, 22 of the 49 internet protocol addresses involved in the attack were the same as those used in cyber attacks carried out by North Korea since 2009, the Science Ministry said.
The investigators also said that at least six computers located within North Korea accessed the financial institutions’ computer systems on 1,590 occasions since June 28, 2012.
Over the period, the North Korean hackers spread malware and extracted information stored in the affected computers.
By Choi He-suk (cheesuk@heraldcorp.com)
![[Today’s K-pop] Zico drops snippet of collaboration with Jennie](http://res.heraldm.com/phpwas/restmb_idxmake.php?idx=642&simg=/content/image/2024/04/18/20240418050702_0.jpg&u=)