S Korea cyber attack may not have come from China
Researchers of Hauri, an IT security software company investigating computer viruses, talk at their lab in the company in Seoul
This week's cyber-attack on South Korean broadcasters and banks may not have originated in China after all as the IP address has been traced to one of the victim banks, the communications regulator said.
But it couldn't rule anything out, it added.
Hackers brought down the networks of three broadcasters and two banks, initially seen as the work of North Korea using its vast army of "cyber-warriors" to cripple computer servers.
Officials in Seoul originally said they had traced the breach to a server in China, a country that has been used by North Korean hackers in the past.
North Korea has threatened to attack both South Korea and the United States after it was hit with further U.N. sanctions for its nuclear test in February.
But the Korea Communications Commission said closer investigation into the attack on NongHyup Bank showed the IP address was a virtual IP address used within the bank for internal purposes.
The IP address by coincidence matched an address registered in China, it said.
The regulator said it could not rule anything out. There were signs the malicious code used came through an overseas route and a single entity was likely responsible for the attack on all six targets.
The attack hit the network servers of television broadcasters YTN, MBC and KBS, Shinhan Bank and NongHyup. South Korea's military raised its alert levels in response.
About 32,000 computers were hit, according to the South's state-run Korea Internet Security Agency, adding it would take up to five days to fully restore functions.
It took the banks hours to restore banking services. Damage to the servers of the TV networks was believed to be more severe, although broadcasts were not affected.
North Korea has in the past targeted South Korea's conservative newspapers, banks and government institutions.
The biggest hacking effort attributed to Pyongyang was a 10-day denial of service attack in 2011 that antivirus firm McAfee, part of Intel, dubbed "Ten Days of Rain".
It said that attack was a bid to probe the South's computer defences in the event of a real conflict.
South Korean authorities said Woori Bank was also attacked this week but was not infected.
North Korea last week complained that its own websites had been hacked, blaming the United States.
"Immigration is no longer the elephant in the room. These days, everyone is talking about it. They are just not saying all the right things."
- Hybrid connected system a step forward for quantum computing
- Type 1 diabetes device is 'step towards artificial pancreas'
- Tactile internet: 5G and the Cloud on steroids
- Intelligence agencies at loggerheads with cyber criminals
- £20m to get UK rid of polluting cabs
- Facebook’s secret drone test flight in the UK
- Test [06:22 pm 20/03/15]
- Test [06:20 pm 20/03/15]
- What to Specialise in Electronics Engineering?? [03:02 am 03/04/14]
- Britain to have just one remaining coal pit by the end of 2015 [01:11 am 03/04/14]
- LV Generator Star point earthing - UK [08:35 pm 02/04/14]
The essential source of engineering products and suppliers.