South Korea's Ministry of Science said on Tuesday it
analyzed codes, Internet addresses, and personal computers used in the June 25
attacks that paralyzed the websites of the presidential and prime minister's
offices. The date marked the 63rd anniversary of the Korean War. "An IP
address within North Korean's bandwidth was found, said Chun Kilsoo, an
official from Korea Internet and Security Agency, during a media briefing.
Malicious codes and attack techniques were found to be
similar to those identified in previous breaches which were traced back to
North Korea.
Government officials, however, did not confirm a McAfee
report which revealed cyberattacks in March against South Korean banks and news
agencies were the result of a four-year spy operation. According to the U.S.
security vendor, the covert op, dubbed "Operation Troy", was aimed at
stealing sensitive military and government information and had affected 30,000
computers. In the June 25 attacks, affected sites showed messages stating:
"We Are Anonymous. We Are Legion. We Do Not Forgive. We Do Not Forget.
Expect Us." Reports then had attributed the attacks to Anonymous, but the
global hacktivist group denied via Twitter any involvement in the South Korean
attacks, according to Reuters.
This is not the first time Seoul has pointed fingers up
north. In January, South Korean police blamed the North for a June 2012
cyberattack which brought down operations at a major newspaper, JoongAng Ilbo.
North Korea, in response, accused the U.S. for staging cyberattacks targeted at
infiltrating Pyongyang's Internet systems and blamed South Korea for fueling
the conflict with its accusations.
In March, Seoul stepped up its cyberspace survelliance in
preparation for possible cyberattacks from North Korea amid threats of a
nuclear war. It issued its fourth highest level of cyberalert and conducted
24-hour monitoring of the state telecommunications network.
