The Korea Herald

피터빈트

3.20 사이버테러, 북한 소행으로 밝혀져

By KH디지털2

Published : April 10, 2013 - 14:54

    • Link copied

한국경찰청 사이버테러대응센터(연합뉴스) 한국경찰청 사이버테러대응센터(연합뉴스)


지난 달 방송사와 은행 전산망을 마비시킨 해킹이 북한의 소행이라고 정부는 수요일 밝혔다.

제주은행, 농협은행, 신한은행과 KBS, MBC, YTN의 전산망은 3월 20일 외부 악성코드로 인해 마비된 바 있다.

 민·관·군 정부 합동대응팀은 조사결과 북한이 2월 해외 IP를 이용해 우회적으로 악성코드를 컴퓨터에 심어놓았다고 밝혔다..

전산망 마비 사건 이후 한국은 정부 주도 하에 조사팀을 이루었고 패치 매니지먼트 시스템을 통해 악성코드가 흘러들어왔다는 사실을 밝혔다. 패치 매니지먼트 시스템은 서버 업데이트 용으로 사용된다.

합동 대응팀은 오후 2시 미래창조과학부 브리핑실에서 기자회견을 열어 이와 같은 조사 결과를 공식 발표했다. (코리아헤럴드) 


<관련 영문 기사>


Gov't confirms Pyongyang link in March cyber attacks

Amid escalating tension on the Korean Peninsula, the South Korean government on Wednesday announced that North Korea was behind the massive hacking attack that paralyzed networks of local financial firms and broadcasters last month.

Three South Korean banks -- Shinhan, NongHyup and Jeju -- and their insurance affiliates as well as three TV broadcasters -- KBS, MBC and YTN -- suffered the cyber attack as malicious code infected some 48,000 computers in their networks on March 20.

Following the initial attack, the Web sites of YTN and anti-Pyongynag organizations also suffered another round of cyber attacks on March 25 and 26.

"The series of cyber attacks on March 20, 25 and 26 resembled the cyber attack methods that North Korea had attempted in previous hackings," the Ministry of Science, ICT & Future Planning said in a press release.

The announcement comes as North Korea is ratcheting up threats against Seoul and Washington ahead of an imminent missile test.

While critics almost immediately pointed fingers at Pyongyang, the government had kept mum on the communist state's involvement, saying it was in the process of a "multilateral" probe to track down "all possible infiltration routes."

Earlier in the probe, the communications watchdog said a Chinese IP address accessed NongHyup's update management server and generated malicious files, fueling speculations of the North's involvement.

The watchdog, however, retracted the announcement a day later and acknowledged that it had mistaken a private IP address used by NongHyup as an IP address allocated to China.

The March 20 incident marks the latest attack in Pyongyang's growing pursuit of technological warfare. While the communist state has denied allegations, it has been blamed for a series of cyber attacks on the Web sites of South Korean government agencies and financial institutions in the past few years.

North Korea is known to operate a cyber warfare unit of 3,000 elite hackers who are trained to break into computer networks to steal information and distribute malware. (Yonhap News)