[QODLink]
Asia-Pacific

S Korea says China did not plan cyberattack

Investigators say they had mistakenly identified a Chinese internet address as source of the attack.
Last Modified: 22 Mar 2013 12:29

South Korean investigators have said they mistakenly identified a Chinese internet address as the source of a cyberattack that paralyzed tens of thousands of computers at banks and broadcasters earlier this week.

But investigators, speaking on Friday, insisted the attack originated from abroad.

The error by South Korean regulators has raised questions about South Korea's ability to track down the source of the attack that hit 32,000 computers at six companies on Wednesday and exposed the country's internet security and vulnerability to hackers.

Investigators said on Thursday that a malicious code that spread through the server of one target, Nonghyup Bank, was traced to an Internet Protocol address in China.

'Carelessness'

But the attack could have originated somewhere else, because such data can easily be manipulated by hackers.

The state-run Korea Communications Commission said on Friday that the IP address actually belonged to a computer at the bank.

The IP address was used only for the company's internal network and was identical to a public Chinese address.

"We were careless in our efforts to double-check and triple-check," KCC official Lee Seung-won told reporters.

"We will now make announcements only if our evidence is certain," he added.

Yonhap news agency, in an analysis on Friday, called the blunder "ridiculous" and said the announcement was certain to undermine the government's credibility.

North Korea suspected

Experts in Seoul suspect North Korea in the attack on broadcasters YTN, MBC and KBS, as well as Nonghyup and two other banks.

Seoul alleges six cyberattacks by North Korea on South Korean targets since 2009.

But the investigation will take weeks, and officials say they have no proof yet of Pyongyang's involvement.

South Korean officials say that Wednesday's attacks appeared to come from "a single organization" but they have yet to assign blame.

North Korea has not yet mentioned the shutdown.

Seoul has since set up a team of computer security experts from the government, military and private sector to identify the hackers and is preparing to deal with more possible attacks, presidential spokesman Yoon Chang-jung told reporters earlier Friday.

Military unaffected

The cyberattack did not affect South Korea's government, military or infrastructure, and there were no initial reports that customers' bank records were compromised.

But it disabled cash machines and disrupted commerce in this tech-savvy, Internet-dependent country.

All three of the banks that were hit were back online and operating regularly Friday.

It could be next week before the broadcasters' systems have fully recovered, though they said their programming was never affected.

404

Source:
AP
Topics in this article
Country
Organisation
Featured on Al Jazeera
An innovative rehabilitation programme offers Danish fighters in Syria an escape route and help without prosecution.
Street tension between radical Muslims and Holland's hard right rises, as Islamic State anxiety grows.
Take an immersive look at the challenges facing the war-torn country as US troops begin their withdrawal.
Ministers and MPs caught on camera sleeping through important speeches have sparked criticism that they are not working.
Featured
More than 400 gaming dens operate on native lands, but critics say social ills and inequality stack the deck.
The Palestinian president is expected to address the UN with a new proposal for the creation of a Palestinian state.
Nearly 1,200 aboriginal females have been killed or disappeared over 30 years with little justice served, critics say.
Ethnic violence has wracked China's restive Xinjiang region, leading to a tight government clampdown.
Malay artists revitalise the art of puppeteering by fusing tradition with modern characters such as Darth Vader.