July 16, 2013
A South Korean government investigation has found that the North was responsible for last month’s cyber attacks on the websites of several government offices and media outlets.
Seoul’s science ministry said Tuesday it traced an Internet protocol (IP) address used in the attack to North Korea. It also said other malicious codes and techniques were similar to past attacks blamed on Pyongyang.
Last month’s attack came on the 63rd anniversary of the start of the Korean War. It shut down the website of the presidential Blue House and the conservative ruling party, and some media servers. Several North Korean websites were also brought down on the same day.
The shadowy international hacking activist group Anonymous had said it planned to attack North Korean websites on the anniversary. But there were conflicting reports among purported Anonymous operatives about who was responsible for hacking the South Korean sites.
The South Korean government report on Tuesday said the attackers tried to hide their identities by pretending to be associated with the Anonymous group. The claim could not be verified.
Seoul also blamed North Korea’s military spy agency for a March cyber attack that affected 48,000 computers and servers, stalling operations at three top South Korean broadcasters and hampering financial services at banks for several days.
North Korea is believed to have an elite cyber warfare unit that was suspected of being behind computer attacks on South Korean government agencies and financial institutions in 2009 and 2011.
Pyongyang has denied the accusations. It has accused the U.S. and South Korea of shutting down some of its own websites in March.