North Korea hackers blamed for South Korea shutdown

20 March 2013
By Sofia Mitra-Thakur
Mobile version
Share |
A reporter uses his mobile phone at the main office of television network YTN in Seoul

A reporter uses his mobile phone at the main office of television network YTN in Seoul

Computer networks at two major South Korean banks and three top TV broadcasters went into mass shutdown today, paralysing bank machines across the country and prompting speculation of a cyber attack by North Korea.

Servers at television networks YTN, MBC and KBS were affected as well as Shinhan Bank and NongHyup Bank, two major banks, the police and government officials said.

At least some of the computers affected by the attacks had some files deleted, according to the authorities.

Screens went blank at 2pm local time (0500 GMT), with skulls popping up on the screens of some computers - a strong indication that hackers had planted a malicious code in South Korean systems, the state-run Korea Information Security Agency said.

Some computers started to get back online more than two and a half hours later.

"We sent down teams to all affected sites. We are now assessing the situation. This incident is pretty massive and will take a few days to collect evidence," a police official said.

The banks have since restored their operations, but the TV stations could not say when they would be able to get their systems back up. Some workers at the stations could not boot their computer.

Broadcasts were not affected.

Police and South Korean officials investigating the shutdown said the cause was not immediately clear.

Speculation centred on North Korea, with experts saying a cyber attack orchestrated by Pyongyang was probably to blame.

The shutdown comes amid rising rhetoric and threats of attack from Pyongyang in response to UN punishment for its December rocket launch and February nuclear test.

Washington also expanded sanctions against North Korea this month in a bid to cripple the regime's ability to develop its nuclear programme.

North Korea has threatened revenge for the sanctions and for ongoing routine US-South Korean military drills it considers invasion preparation.

Accusations of cyber attacks on the Korean Peninsula are not new. Seoul believes Pyongyang was behind at least two cyber attacks on local companies in 2011 and 2012.

The latest network paralysis took place just days after North Korea accused South Korea and the US of staging a cyber attack that shut down its websites for two days last week.

The Thai-based internet service provider confirmed the outage, but did not say what caused the shutdown in North Korea.

"It's got to be a hacking attack," Lim Jong-in, dean of Korea University's Graduate School of Information Security, said of today's events.

"Such simultaneous shutdowns cannot be caused by technical glitches."

Shinhan Bank, a lender of South Korea's fourth-largest banking group, reported a system shutdown, including online banking and cash machines.

The company could not conduct any customer activities at bank windows, including retail and corporate banking.

At one Starbucks in central Seoul, customers were asked to pay for their coffee in cash, and queues formed outside disabled bank machines.

Seoul is a largely cashless society, with many people using debit and credit cards.

Broadcasters KBS and MBC said their computers went down at 2pm but officials said the shutdown did not affect daily TV broadcasts.

The YTN cable news channel also said the company's internal computer network was completely paralysed.

Local TV showed workers staring at blank computer screens.

The South Korean military raised its cyber attack readiness level today following the shutdown, the Defence Ministry said.

Defence officials reported no signs of cyber attacks on its ministry's computer network and had no immediate details about the broader shutdown.

LG Uplus Corp, South Korea's third-largest mobile operator, which also operates landline services, said the company's networks were operating normally and it did not see any signs of a cyber attack, company spokesman Lee Jung-hwan said.

The companies whose networks shut down today use not just LG Uplus's services but also other services from SK Telecom Co and KT Corp, he said.

The investigation will take months, Mr Lim said.

"Hackers attack media companies usually because of a political desire to cause confusion in society," he said.

"Political attacks on South Korea come from North Koreans."

Massive shutdowns of the networks of major companies take at least one to six months of planning and co-ordination, said Kwon Seok-chul, chief executive officer of Seoul-based cyber security firm Cuvepia.

Latest Issue

E&T cover image 1605

"We visit Barcelona, one of the smartest cities in the world, to find out what makes it so special. What does it look like and what is the future?"

E&T jobs

  • High Voltage Engineer

    Premium job

    Essex X-Ray & Medical Equipment
    • Great Dunmow, Essex

    This High Voltage Engineer will provide design leadership for high voltage cable assemblies up to one megavolt.

    • Recruiter: Essex X-Ray & Medical Equipment

    Apply for this job

  • Sales Electronics Engineer

    Premium job

    Precision Microdrives
    • London (Greater)
    • £25,000 - £30,000 starting salary, inclusive of on-target commissions.

    Precision Microdrives (PMD) is a fast growing technology company that designs, produces and trades miniature electro-mechanical mechanisms

    • Recruiter: Precision Microdrives

    Apply for this job

  • Analogue Electronics Engineer

    Premium job

    Swedish Institute of Space Physics (IRF)
    • Uppsala (Stad) (SE)

    The Swedish Institute of Space Institute (IRF) in Uppsala search for an analogue electronics engineer.

    • Recruiter: Swedish Institute of Space Physics (IRF)

    Apply for this job

  • Principal Robotic Systems Engineer

    Premium job

    National Oceanographic Centre
    • Southampton, Hampshire
    • £45,271 to £49,207 per annum

    Responsible for technical oversight and project management of internally and externally funded innovation centre projects.

    • Recruiter: National Oceanographic Centre

    Apply for this job

  • Smart Grid Research Engineer

    Premium job

    University of Strathclyde
    • Cumbernauld, Glasgow
    • Grade: 6/7* £26,537 - £37,768*

    Work as part of a growing dynamic team on a wide range of technical projects with particular emphasis on experimental validation and testing

    • Recruiter: University of Strathclyde

    Apply for this job

  • Electrical Engineer - Water

    Premium job

    Mott MacDonald
    • Peterborough, Cambridgeshire

    Mott MacDonald's highly successful Water and Environment Unit is recruiting an electrical engineer....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Electrical Design Engineer

    Premium job

    Mott MacDonald
    • Cambridge, Cambridgeshire

    Mott MacDonald's highly successful water business continues to win and deliver a fantastic amount of work....

    • Recruiter: Mott MacDonald

    Apply for this job

  • Senior Electronics Engineer

    York Instruments
    • York, North Yorkshire

    Senior electronics engineer to work as part of a team developing an MEG imaging system; working with the engineering team and external contractors.

    • Recruiter: York Instruments

    Apply for this job

  • Field Application Engineer

    • Madrid

    Responsible for giving product presentations to the customer describing how Intel products provide the optimum solution to their application.

    • Recruiter: Intel

    Apply for this job

  • Control Engineer

    Bank of England
    • Debden
    • Competitive

    We’re looking for a qualified engineer with experience of computer programming for engineering systems and instrumentation.

    • Recruiter: Bank of England

    Apply for this job

More jobs ▶


Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T