S. Korea Says N. Korea Behind Computer Crash in March

North Korea was responsible for a cyberattack that shut down tens of thousands of computers and servers at South Korean broadcasters and banks last month, officials in Seoul said Wednesday, noting that an initial investigation pointed to a military-run spy agency as the culprit.

The accusation comes as tensions run high on the Korean Peninsula, with North Korea delivering increasingly belligerent rhetoric as it stews over U.N. sanctions and U.S.-South Korean military drills.

Investigators detected similarities between the March cyberattack and past hacking attributed to the North Korean spy agency, including the recycling of 30 previously used malware programs — out of a total of 76 used in the attack, said Chun Kil-soo, an official at South Korea’s internet security agency.

Investigators believe that six computers in North Korea were used to access South Korean servers using more than 1,000 IP addresses in 40 countries overseas, Chun said. Thirteen of those IP addresses were traced back to North Korea.

He said the attack appeared to have been planned for about eight months.

“We saw evidence that the attack was extremely carefully prepared,” Chun said at a news briefing.

The March 20 cyberattack struck 48,000 computers and servers, hampering banks for two to five days, although Financial Services Commission official Lim Wang-sub said Wednesday that no bank records or personal data were compromised.

Experts believe North Korea trains large teams of cyber warriors and that the South and its allies should be prepared against possible attacks on key infrastructure and military systems. If the inter-Korean conflict were to move into cyberspace, South Korea’s deeply wired society would have more to lose than North Korea’s, which largely remains offline.

This article appeared in print on page 3 of the April 11th, 2013 edition of Hamodia.