North Korea threatens U.S. bases in the Pacific

Suspicions also grow that PyongYang carried out mass cyberattack on South Korea

Topics: North Korea, South Korea, Pyongyang, Kim Jong-un, Pacific, aol_on,

Investigators have traced a coordinated cyberattack that paralyzed tens of thousands of computers at six South Korean banks and media companies to a Chinese Internet Protocol address, but it was not yet clear who orchestrated the attack, authorities in Seoul said Thursday.

The discovery did not erase suspicions that North Korea was to blame. IP addresses are unique to each computer connected to the Internet, but they can easily be manipulated by hackers operating anywhere in the world. The investigation into Wednesday’s attack could take weeks.

By Thursday, only one of the six targets, Shinhan Bank, was back online and operating regularly. It could be next week before the other companies have fully recovered.

North Korea has threatened Seoul and Washington in recent days over U.N. sanctions imposed for its Feb. 12 nuclear test, and over ongoing U.S.-South Korean military drills. It also threatened revenge after blaming Seoul and Washington for an Internet shutdown that disrupted its own network last week.

North Korea “will never remain a passive onlooker to the enemies’ cyberattacks,” state media said last week in a commentary. “The U.S. and its allies should be held wholly accountable for the ensuing consequences.”

Wednesday’s cyberattack did not affect South Korea’s government, military or infrastructure, and there were no initial reports that customers’ bank records were compromised. But it disabled scores of cash machines across the country, disrupting commerce in this tech-savvy, Internet-dependent country, and renewed questions about South Korea’s Internet security and vulnerability to hackers.

The attack disabled some 32,000 computers at broadcasters YTN, MBC and KBS, as well as three banks. Many of the computers were still down Thursday, but the broadcasters said their programming was never affected, and all ATMs were back online except for those at 16 branches belonging to Nonghyup Bank.

The attack may also have extended to the United States. The website of the U.S.-based Committee for Human Rights in North Korea also was hacked, with reports on satellite imagery of North Korean prison camps and policy recommendations to the U.S. government deleted from the site, according to executive director Greg Scarlatoiu.

The initial findings from South Korean investigators were based on results from an investigation into one target, Nonghyup Bank. The investigation is continuing into the shutdown at the five other firms.

A malicious code that spread through the Nonghyup server was traced to an IP address in China, said Cho Kyeong-sik, a spokesman for the state-run Korea Communications Commission. Regulators said all six attacks appeared to come from “a single organization.”

The Chinese IP address identified by the South Korean communications regulator belongs to an Internet services company, Beijing Teletron Telecom Engineering Co., according to the website tracking and verification service Whois. A woman who answered the telephone number listed on Beijing Teletron’s website denied the company was involved in Wednesday’s cyber-hack. She refused to identify herself or provide further information.

You Might Also Like

Beijing Teletron operates fiber-optic networks and provides Internet services. It is the seventh-largest host of IP addresses in China. A subsidiary of the Shanghai-listed Dr. Peng Telecom and Media Group, Beijing Teletron’s clients include government agencies and state media: the Foreign Ministry, the State Council Information Office and People’s Daily, the Communist Party’s flagship newspaper.

Wednesday’s cyberattack does not fit the mold of previous attacks blamed on China. Chinese hacking, either from Beijing’s cyber-warfare command or freelance hackers, tends to be aimed at collecting intelligence and intellectual property – not simply at disrupting commerce.

China is home to a sizable North Korean community, both North Koreans working in the neighboring nation and Chinese citizens of ethnic ancestry who consider North Korea their motherland.

If the attack was in fact carried out by North Korea, it may be a warning to South Korea that Pyongyang is capable of breaching its computer networks with relative ease. Seoul’s National Intelligence Services believes Pyongyang was behind six cyberattacks between 2009 and 2012.

South Korean investigators say they have no proof that North Korea was behind the attack. However, the outage took place as Pyongyang warned Seoul against holding joint military drills with the U.S. that it considers rehearsals for an invasion.

North Korea also has threatened retaliation for U.N. sanctions imposed for the nuclear test and for its launch of a long-range rocket in December. Pyongyang blames Seoul and Washington for leading the push to punish the North.

On Thursday, in a vein of typical bellicose rhetoric, North Korea’s military threatened to attack American naval bases in Japan and an air base in Guam, where nuclear-capable B-52 bombers took off earlier this week to join the drills in South Korea.

The Korean Peninsula has remained in a technical state of war, divided by a heavily militarized border, since the foes signed a truce in 1953. Over the past decade, the two Koreas have engaged in deadly naval skirmishes in Yellow Sea waters that both countries claim. And, increasingly, their warfare has extended into cyberspace.

In 2011, computer security software maker McAfee Inc. said North Korea or its sympathizers likely were responsible for a cyberattack against South Korean government and banking websites that year. The analysis also said North Korea appeared to be linked to a massive computer-based attack in 2009 that brought down U.S. government Internet sites. Pyongyang denied involvement.

Previous hacking attacks on commercial ventures have compromised the personal data of millions of customers. Past malware attacks also disabled access to government websites and destroyed files on personal computers.

Last year, North Korea threatened to attack several South Korean news outlets, including KBC and MBC, for reports critical of Pyongyang’s activities.

In recent days, North Korea’s Committee for the Peaceful Reunification of Korea – a government agency that often targets South Koreans in its push to draw attention to reunification – warned Seoul’s “reptile media” that the North was prepared to conduct a “sophisticated strike” if its negative coverage continued.

“If it plays out that this was a state-sponsored attack, that’s pretty bald-faced and definitely an escalation in the tensions between the two countries,” said James Barnett, former chief of public safety and homeland security for the U.S. Federal Communications Commission.

An ominous question is which other businesses, in South Korea or elsewhere, may also be in the sights of the attacker, said Barnett, who heads the cybersecurity practice at Washington law firm Venable.

“This needs to be a wake-up call,” he said. “This can happen anywhere.”

Timothy Junio, a cybersecurity fellow at Stanford University’s Center for International Security and Cooperation, said South Korea has worked to protect itself.

“Part of why this wasn’t more consequential is probably because South Korea took the first major incident seriously and deployed a bunch of organizational and technical innovations to reduce response time during future North Korea attacks,” he said.

South Korea also created a National Cybersecurity Center and Cyber Command modeled after the U.S. Cyber Command. Junio said South Korea’s anti-virus firms also play a large role in stopping hacking attacks.

 

More Related Stories

Featured Slide Shows

  • Share on Twitter
  • Share on Facebook
  • 1 of 11
  • Close
  • Fullscreen
  • Thumbnails
    Martyna Blaszczyk/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 1

    Pond de l'Archeveche - hundreds thousands of padlocks locked to a bridge by random couples, as a symbol of their eternal love. After another iconic Pont des Arts bridge was cleared of the padlocks in 2010 (as a safety measure), people started to place their love symbols on this one. Today both of the bridges are full of love locks again.

    Anders Andersson/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 2

    A bird's view of tulip fields near Voorhout in the Netherlands, photographed with a drone in April 2015.

    Aashit Desai/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 3

    Angalamman Festival is celebrated every year in a small town called Kaveripattinam in Tamil Nadu. Devotees, numbering in tens of thousands, converge in this town the day after Maha Shivratri to worship the deity Angalamman, meaning 'The Guardian God'. During the festival some of the worshippers paint their faces that personifies Goddess Kali. Other indulge in the ritual of piercing iron rods throughout their cheeks.

    Allan Gichigi/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 4

    Kit Mikai is a natural rock formation about 40m high found in Western Kenya. She goes up the rocks regularly to meditate. Kit Mikai, Kenya

    Chris Ludlow/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 5

    On a weekend trip to buffalo from Toronto we made a pit stop at Niagara Falls on the Canadian side. I took this shot with my nexus 5 smartphone. I was randomly shooting the falls themselves from different viewpoints when I happened to get a pretty lucky and interesting shot of this lone seagull on patrol over the falls. I didn't even realize I had captured it in the shot until I went back through the photos a few days later

    Jassen T./National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 6

    Incredibly beautiful and extremely remote. Koehn Lake, Mojave Desert, California. Aerial Image.

    Howard Singleton/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 7

    Lucky timing! The oxpecker was originally sitting on hippo's head. I could see the hippo was going into a huge yawn (threat display?) and the oxpecker had to vacate it's perch. When I snapped the pic, the oxpecker appeared on the verge of being inhaled and was perfectly positioned between the massive gaping jaws of the hippo. The oxpecker also appears to be screeching in terror and back-pedaling to avoid being a snack!

    Abrar Mohsin/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 8

    The Yetis of Nepal - The Aghoris as they are called are marked by colorful body paint and clothes

    Madeline Crowley/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 9

    Taken from a zodiac raft on a painfully cold, rainy day

    Ian Bird/National Geographic Traveler Photo Contest

    National Geographic Traveler Photo Contest Entries

    Slide 10

    This wave is situated right near the CBD of Sydney. Some describe it as the most dangerous wave in Australia, due to it breaking on barnacle covered rocks only a few feet deep and only ten metres from the cliff face. If you fall off you could find yourself in a life and death situation. This photo was taken 300 feet directly above the wave from a helicopter, just as the surfer is pulling into the lip of the barrel.

  • Recent Slide Shows

Comments

0 Comments

Comment Preview

Your name will appear as username ( settings | log out )

You may use these HTML tags and attributes: <a href=""> <b> <em> <strong> <i> <blockquote>