The Korea Herald

피터빈트

Banks still sidelined by cyber attacks

Financial authorities keep watch with military, police agencies for another cyber attack

By Park Hyung-ki

Published : March 21, 2013 - 19:41

    • Link copied

Banks in Korea that had been exposed to malware allegedly planted by North Korea to cause a nationwide network crash were back in business tending to their daily customers, financial authorities said Thursday.

However, it may take a while to fully normalize their operations as the country’s financial regulators said that banks such as Nonghyup are still trying to retool some of their networks linked to automated teller machines.

Shinhan Bank said that it has restored its system and is operating at full capacity.

The incident, which has further escalated tension on the Korean Peninsula, has in part driven foreign selloffs of Korean shares in the stock market where the benchmark KOSPI fell almost 9 points, or 0.44 percent, to 1,950.82 on Thursday.

Shares of Shinhan Financial, the parent of Shinhan Bank, dropped 600 won, or 1.56 percent, to 37,750 won, while overall, bank shares shed 1.55 percent on average.

Korea’s financial regulator, albeit mostly recovered from what many claim was a North Korean cyber attack, is maintaining its “caution” alert status over the financial industry, while beefing up its vigilance with defense, police and intelligence agencies against more possible cyber terrorism, officials said.

They may remain on alert until all systems of banks and broadcasters are recovered. Korea’s communications regulators said it would take at least four to five days for complete normalization.

Card companies that rely on the transaction systems of banks are also staying alert, constantly checking their networks to safeguard against other possible cyber disruption.

The Bank of Korea said that its financial transactions system was not damaged by the latest cyber attacks, but that it will continue to monitor the situation or even launch emergency countermeasures, if necessary, to keep its networks safe from external threats.

On Wednesday, more than 32,000 network servers were hacked and crashed at major banks and television broadcasting stations, literally “destroying and suspending” workers’ hardware and software, as well as blocking their networks from automatic system upgrades, officials said.

An investigative team consisting of both civilian and defense officials are hunting down the source of this malicious code that surreptitiously infiltrated the systems in the form of a Trojan horse, and detonated simuntaneously, leading to a nationwide media and banking network breakdown.

Authorities, so far, are accusing North Korea of the cyber terror, saying that the advanced malware closely resembles the one previously also allegedly used by the North to disrupt South Korean cyberspace as they tracked the source coming from a Chinese Internet protocol Address.

Given that North Korea mainly uses the Internet network lines of China, South Korean officials deduced the system crash to be orchestrated by the North in retaliation against U.N. sanctions and a South Korea-U.S. joint military drill.

This is prompting Korea to re-strategize against unconventional threats from the North, which is believed to have more than 3,000 soldiers committed to igniting cyber warfare.

By Park Hyong-ki (hkp@heraldcorp.com)