North Korea is to blame for last month's cyberattacks on the
websites of South Korean media companies and the president and prime minister's
offices, a South Korean investigation concluded Tuesday.
South Korea's ministry of science
said it was blaming North Korea based on analysis of codes, Internet addresses
and personal computers used to launch the attacks. The attacks occurred June
25, the 63rd anniversary of the beginning of the Korean War.
It is the latest of several
cyberattacks in recent years that Seoul blames on North Korea. Pyongyang has
denied previous claims and has accused the U.S. and South Korea of a
cyberattack in March that shut down its own websites for two days.
The South Korean government-led
team of investigators said the online assaults were planned for several months,
and the attackers hacked file-sharing websites in South Korea to find security
weaknesses.
An investigator told reporters that
the attackers tried to steal personal information from the websites targeted in
the June 25 cyberattacks, but it was not clear when the attempt took place.
Local media reported that the personal information of millions of people was
stolen from the presidential office's website and the ruling party.
Investigators managed to recover
data on the hard drives that the attackers destroyed June 25 and found an
Internet protocol address that was used by North Korea. They also found that
the codes used in the June attacks had the same features as the codes used in
the larger March 20 cyberattacks that shut down tens of thousands of computers
at South Korean broadcasters and banks.
The attackers in June tried to hide
their identities by destroying hard drives and disguising the Internet protocol
addresses they used, the ministry said. The attackers also tried to misguide
investigators by using the picture of the Anonymous group, the ministry said.
Local media reported in June that
the attack was done by a global hacking collective called Anonymous. But a
South Korean government official told the Associated Press at the time that the
attackers could not be confirmed at the moment.
The ministry said the June 25
attacks hit 69 government and private companies' websites and servers.
Earlier this month, cybersecurity
firms said the hackers behind the March attacks also have been trying to steal
South Korean and U.S. military secrets with a malicious set of codes they've
been sending through the Internet for years. They did not specifically blame
North Korea.
Researchers at Santa Clara,
California-based McAfee Labs said the malware was designed to find and upload
information referring to U.S. forces in South Korea, joint exercises or even
the word "secret."
McAfee said versions of the malware
have infected many websites in an ongoing attack that it calls Operation Troy
because the code is peppered with references to the ancient city. McAfee said
that in 2009, malware was implanted into a social media website used by
military personnel in South Korea. (AP)
0 comments:
Post a Comment