South Korea Cyberattack Traced to China IP Address

But that doesn't mean North Korea is off the hook

By Mark Russell,  Newser Staff

Posted Mar 21, 2013 4:00 AM CDT

(Newser) – No one knows who launched yesterday's cyberattack in South Korea that crippled 32,000 computers at three TV broadcasters and three banks, but the attack has been traced to a Chinese IP address. That doesn't mean North Korea is in the clear, however; on the contrary, the North has been known to route its attacks through such addresses, and the revelation has only "strengthened speculation" that North Korea was at the wheel, reports the BBC.

The malware used in this attack is called "DarkSeoul" and was first identified a year ago, reports the New York Times. State-sponsored cyberattacks tend to be stealthy, but this malware was not disguised, leading some to question whether North Korean hackers were behind it—or whether the North wanted to send a clear message. "This could be the start of a full-fledged cyber war," one intelligence official tells the Chosun Ilbo, warning that the South's nuclear power plants and railways could be future targets. Meanwhile, the AP reports that as of today, only one of the six companies targeted is back online; the other five may not all be up and running until next week.

Customers use the automated teller machine at a branch of Shinhan Bank in Seoul, South Korea, earlier today.   (AP Photo/Lee Jin-man)
In this photo released by Korean Broadcasting System, KBS employees try to recover a computer server a day after a cyberattack caused computer networks at the company to crash, in Seoul, South Korea,...   (AP Photo/Korean Broadcasting System)
« Prev« Prev | Next »Next » Slideshow
To report an error on this story, notify our editors.

Other Sites We Like:   The Street   |   MSN Living   |   PopSugar Tech   |   RealClear   |   24/7 Wall St.   |   Biography   |   Barstool Sports   |   OK!