SEOUL, South Korea • A cyberattack caused computer networks at major South Korean banks and top TV broadcasters to crash simultaneously Wednesday, paralyzing bank machines across the country and prompting speculation of North Korean involvement.
Screens went blank at 2 p.m. (0500 GMT), the state-run Korea Information Security Agency said, and more than seven hours later some systems were still down.
Police and South Korean officials couldn’t immediately determine responsibility and North Korea’s state media made no immediate comments on the shutdown. But some experts suspected a cyberattack orchestrated by Pyongyang. The rivals have exchanged threats amid joint U.S.-South Korean military drills and in the wake of U.N. sanctions meant to punish North Korea over its nuclear test last month.
The network paralysis took place just days after North Korea accused South Korea and the U.S. of staging a cyberattack that shut down its websites for two days last week. Loxley Pacific, the Thailand-based Internet service provider, confirmed the North Korean outage but did not say what caused it.
The South Korean shutdown did not affect government agencies or potential targets such as power plants or transportation systems, and there were no immediate reports that bank customers’ records were compromised, but the disruption froze part of the country’s commerce.
Some customers were unable to use the debit or credit cards that many rely on more than cash. At one Starbucks in downtown Seoul, customers were asked to pay for their coffee in cash, and lines formed outside disabled bank machines.
Shinhan Bank, a major South Korean lender, reported a two-hour system shutdown, including online banking and automated teller machines. It said networks later came back online and that banking was back to normal. Shinhan said no customer records or accounts were compromised.
Another big bank, Nonghyup, said its system eventually came back online. Officials didn’t answer a call seeking details on the safety of customer records. Jeju Bank said some of its branches also reported network shutdowns.
Broadcasters KBS and MBC said their computers went down at 2 p.m., but that the shutdown did not affect TV broadcasts. Computers were still down about seven hours after the shutdown began, according to the state-run Korea Communications Commission, South Korea’s telecom regulator.
The YTN cable news channel also said the company’s internal computer network was paralyzed. Footage showed workers staring at blank computer screens.
KBS employees said they watched helplessly as files stored on their computers began disappearing.
Last year, North Korea threatened to attack several news companies, including KBC and MBC, over their reports critical of children’s’ festivals in the North.
"It’s got to be a hacking attack," said Lim Jong-in, dean of Korea University’s Graduate School of Information Security. "Such simultaneous shutdowns cannot be caused by technical glitches."
The Korea Information Security Agency had reported that an image of skulls and a hacking claim had popped up on some of the computers that shut down, but later said those who reported the skulls did not work for the five companies whose computers suffered massive outages. KISA was investigating the skull images as well.
An official at the Korea Communications Commission said investigators speculate that malicious code was spread from company servers that send automatic updates of security software and virus patches.
LG Uplus Corp., which provides network services for the companies that suffered outages, saw no signs of a cyberattack on its networks, company spokesman Lee Jung-hwan said.
The South Korean military raised its cyberattack readiness level but saw no signs of cyberattacks on its networks, the Defense Ministry said.
No government computers were affected, officials said. President Park Geun-hye called for quick efforts to get systems back online, according to her spokeswoman, Kim Haing.
The shutdown raised worries about the overall vulnerability to attacks in South Korea, a world leader in broadband and mobile Internet access. Previous hacking attacks at private companies compromised millions of people’s personal data. Past malware attacks also disabled access to government agency websites and destroyed files in personal computers.
Seoul believes North Korea runs an Internet warfare unit aimed at hacking U.S. and South Korean government and military networks to gather information and disrupt service.
Seoul blames North Korean hackers for several cyberattacks in recent years. Pyongyang has either denied or ignored those charges. Hackers operating from IP addresses in China have also been blamed.Next Page >
Copyright 2014 The Salt Lake Tribune. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.