Embarrassing volte-face as IP address traced to SK
Source: Agencies |
March 23, 2013, Saturday
|
Print Edition
Print Edition
IN an embarrassing twist to a coordinated cyberattack on six major South Korean companies this week, investigators said yesterday they wrongly identified a Chinese Internet Protocol address as the source.
A joint team of government and private experts still maintains that hackers abroad were likely to blame, and many analysts suspect North Korea. But the error raises questions about investigators' ability to track down the source of an attack that shut down 32,000 computers on Wednesday and exposed big Internet security holes in one of the world's most wired, tech-savvy countries.
South Korean investigators said on Thursday that a malicious code that spread through the server of one of the hackers' targets, Nonghyup Bank, was traced to an IP address in China. Even then it was clear that the attack could have originated elsewhere because hackers can easily manipulate such data.
But the Korea Communications Commission said yesterday that the IP address actually belonged to a computer at the bank. The IP address was used only for the company's internal network and happened to be identical to a public Chinese address.
"We were careless in our efforts to double-check and triple-check," KCC official Lee Seung-won told reporters. He blamed the error on investigators' rush to give the public details on the search for a culprit.
Yonhap news agency, in an analysis yesterday, called the blunder "ridiculous" and said the announcement is certain to undermine government credibility.
Yonhap criticized officials for failing to dispel public anxiety in a country where people's lives are closely interwoven with services provided by media and financial institutions.
The investigation will take weeks. Investigators have said the attacks appeared to come from "a single organization" and suspect the hackers were from outside the country. Lee Seung-won, the KCC official, discounted the possibility that the attack could have come from within South Korea, but he didn't elaborate.
Lee Kyung-ho and many other South Korean experts suspect North Korea is behind the attack on broadcasters YTN, MBC and KBS, as well as Nonghyup and two other banks.
While there are many possible explanations, he said, including a homegrown hacker, the culprits are most likely to be North Koreans angry over ongoing US-South Korean military drills.
Lee said Pyongyang is well aware that an attack on financial institutions and media companies would create lots of publicity and turmoil in South Korea's vibrantly capitalistic society.
North Korea has issued many threats against South Korea and the US in recent days, but by yesterday it had yet to mention the South Korean computer crashes in state-run media.
South Korean officials say they have no proof of Pyongyang's involvement. The country is preparing to deal with more possible attacks, presidential spokesman Yoon Chang-jung said.
A joint team of government and private experts still maintains that hackers abroad were likely to blame, and many analysts suspect North Korea. But the error raises questions about investigators' ability to track down the source of an attack that shut down 32,000 computers on Wednesday and exposed big Internet security holes in one of the world's most wired, tech-savvy countries.
South Korean investigators said on Thursday that a malicious code that spread through the server of one of the hackers' targets, Nonghyup Bank, was traced to an IP address in China. Even then it was clear that the attack could have originated elsewhere because hackers can easily manipulate such data.
But the Korea Communications Commission said yesterday that the IP address actually belonged to a computer at the bank. The IP address was used only for the company's internal network and happened to be identical to a public Chinese address.
"We were careless in our efforts to double-check and triple-check," KCC official Lee Seung-won told reporters. He blamed the error on investigators' rush to give the public details on the search for a culprit.
Yonhap news agency, in an analysis yesterday, called the blunder "ridiculous" and said the announcement is certain to undermine government credibility.
Yonhap criticized officials for failing to dispel public anxiety in a country where people's lives are closely interwoven with services provided by media and financial institutions.
The investigation will take weeks. Investigators have said the attacks appeared to come from "a single organization" and suspect the hackers were from outside the country. Lee Seung-won, the KCC official, discounted the possibility that the attack could have come from within South Korea, but he didn't elaborate.
Lee Kyung-ho and many other South Korean experts suspect North Korea is behind the attack on broadcasters YTN, MBC and KBS, as well as Nonghyup and two other banks.
While there are many possible explanations, he said, including a homegrown hacker, the culprits are most likely to be North Koreans angry over ongoing US-South Korean military drills.
Lee said Pyongyang is well aware that an attack on financial institutions and media companies would create lots of publicity and turmoil in South Korea's vibrantly capitalistic society.
North Korea has issued many threats against South Korea and the US in recent days, but by yesterday it had yet to mention the South Korean computer crashes in state-run media.
South Korean officials say they have no proof of Pyongyang's involvement. The country is preparing to deal with more possible attacks, presidential spokesman Yoon Chang-jung said.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
