South Korean banks, others hit by cyber attack
SEOUL -- South Korea was hit by a major cyber attack Wednesday as the computer systems of two major banks, three broadcasters and others simultaneously crashed, raising suspicions that North Korea was to blame.
On some computer screens, images of skulls with glowing red eyes popped up along with cackling laughter.
Although it appears the attack, which began about 2 p.m., was designed more to frighten than to destroy, it highlighted the vulnerability of one of the world’s most wired, tech-dependent countries. Some banking operations were virtually paralyzed during the afternoon.
Newly installed President Park Geun-hye formed a crisis center to investigate the exact cause of the computer crashes.
“We cannot rule out the possibility that this was North Korea’s deed, but it’s hard to judge in advance,” said Defense Ministry spokesperson Kim Min-seok.
In an emergency briefing, the Korea Communications Commission suggested that the cyber attack was done through the distribution of malignant code.
North Korea was a prime suspect in part because it had threatened in recent days to retaliate against South Korea for joint military exercises underway with the United States and for Seoul’s support of U.N. sanctions against the North. In addition, North Korea has historically launched its provocations during periods of political transition in South Korea, which inaugurated a new president just last month.
Last week, North Korea accused the U.S. and South Korea of shutting down several of its websites, including KCNA, the national news service.
Wednesday’s attacks took place almost simultaneously. Broadcasting companies’ computers and editing screens went black; Internet banking went down, along with some ATMs.
“My computer froze all of a sudden, so I tried to restart it,” said Mihyun Ahn, an employee at YTN, a news service. “However, when I turned on my computer, it wouldn’t reboot. Shortly I realized all the computers at work were the same.”
Broadcasting was not disrupted during the attack.
Some South Koreans sent out screen shots showing their computer screens were displaying skulls and a warning message reading “Hacked by Whois Team,” but it wasn’t clear if that was an unrelated group possibly trying to take credit for the attack.
“The purpose of this attack appears to be to show off,” professor Lee Kyung-ho of Korea University’s graduate school of information security was quoted telling the Yonhap news service. He said the code on the warning screen initially looked like it came from Western Europe, but that “it could be a disguise.’’
Despite its immense poverty and a shortage of computers, North Korea is believed to be bolstering its cyber war abilities. It is suspected in five attacks on South Korea in the last three years, including one on a newspaper and another on a bank.
Experts warned that it could be months, at least, before there are answers to the latest attack.
“Whether if it turns out it was some kid in a dorm room or North Korea, many people won’t believe it,’’ said John Delury, who teaches international relations at Yonsei University in Seoul.
No matter the cause, the outages Wednesday were demoralizing for South Koreans.
“This is so embarrassing. South Korea claims to be an IT-strong nation, yet our banking and media system got hacked!’’ complained one microblogger on Naver, a leading portal.
Special correspondent Choi reported from Seoul and Times staff writer Demick from Beijing.
Must-read stories from the L.A. Times
Get the day's top news with our Today's Headlines newsletter, sent every weekday morning.
You may occasionally receive promotional content from the Los Angeles Times.