Cookie consent

We use cookies to improve your experience on this website. By continuing to browse our site you agree to our use of cookies. Tell me more | Cookie preferences

South Korea says hacking not from Chinese address

Members of the Korea Internet Security Agency (KISA) check on cyber attacks at a briefing room of KISA in Seoul on March 20, 2013.

Story highlights

  • Wednesday's suspected cyberattack hit 32,000 computers
  • Nine companies fell victim to the malicious code
  • Government computers weren't affected
  • South Korea has blamed the North in the past, which has rejected the allegations

The suspected cyberattack that struck South Korean banks and media companies this week didn't originate from a Chinese IP address, South Korean officials said Friday, contradicting their previous claim.

The Korea Communications Commission, a South Korean regulator, said that after "detailed analysis," the IP address that was thought to be from China was determined to be an internal IP address from one of the banks that was infected by the malicious code.

It said, though, that "the government has confirmed that the attack was from a foreign land."

An IP address is the number that identifies a network or device on the Internet.

Read: Why cyber attacks threaten our freedom

Widespread damage

    The attack Wednesday damaged 32,000 computers and servers at media and financial companies, South Korea's Communications Commission said.

      Just Watched

      Experiencing a potential cyberattack

    Experiencing a potential cyberattack 04:17
    PLAY VIDEO

      Just Watched

      Internet outage hits South Korea

    Internet outage hits South Korea 02:56
    PLAY VIDEO

      Just Watched

      Cybersecurity concerns for China, U.S.

    Cybersecurity concerns for China, U.S. 04:26
    PLAY VIDEO

    It infected banks' and broadcasters' computer networks with a malicious program, or malware, that slowed or shut down systems, officials and the semiofficial Yonhap News Agency said.

    The military stepped up its cyberdefense efforts in response to the widespread outages, which hit nine companies, Yonhap reported, citing the National Police Agency.

    Government computer networks did not seem to be affected, Yonhap cited the National Computing and Information Agency as saying. A joint team from government, the military and private industry was responding.

    How the hackers got in and spread the malicious code remains under investigation, and analysts are examining the malware, a South Korean official close to the investigation said.

    Read: International cyber attacks on the rise

    Blaming North Korea in the past

    South Korea has accused the North of similar hacking attacks before, including incidents in 2010 and 2012 that also targeted banks and media organizations. The North rejected the allegations.

    The outages come amid heightened tensions on the Korean Peninsula, with the North angrily responding to a recent U.N. Security Council vote to impose tougher sanctions on Pyongyang after the country's latest nuclear test last month.

    Last week, North Korea invalidated its 60-year-old armistice with the South. It has threatened to attack its neighbor with nuclear weapons and has also threatened the United States.

    The armistice agreement, signed in 1953, ended the three-year war between North and South but left the two nations technically in a state of war.

    The United States has deployed B-52 bombers to conduct high-profile flyovers of its South Korean ally and announced that it will deploy new ground-based missile interceptors on its West Coast against the remote possibility that North Korea could strike the United States with long-range weapons.