South Korea cyber-attack: Chinese IP a possible suspect
21 Mar. 2013 Enterprise Tech News
The cyber-attack brought upon in South Korea on Wednesday affected networks at six organizations. Officials, upon investigation came to a conclusion that a Chinese IP was used to contact servers of the respective six organizations. The IP was used to plant malware on these servers, which attacked the computers.
Investigation, according to the officials is still going on, in order to find out the origins of this attack. “At this stage, we’re still making out best efforts to trace the origins of attacks, keeping all kinds of possibilities open”, the telecoms regulator said.
North Korea, because of its past indiscretions in the years 2009 and 2011, was an immediate suspect for being responsible for this cyber-attack. The discovery of the IP has strengthened officials’ suspicions of North Korea’s involvement in the South Korea cyber-attack. North Korea, according to the Korean Peninsula’s media reports, have sounded air-raid warnings on Thursday morning as a part of their military drills.
The good news is that the shutdown did not affect government agencies or vulnerable targets such as the power plants or transportation systems. However, people faced difficulties in using their debit cards and those who purchased coffee at one Starbucks in downtown Seoul, were asked to pay in cash, causing people to stand in a queue outside disabled bank machines.
The broadcasters KBS and MBC, having faced network crash because of the cyber-attack brought on via a Chinese IP, have not yet got back their full computer use. The YTN cable news channel also suffered crashed internal computer network, its employees forced to sit and stare at their blank computer screens.