January 17, 2013 09:33
North Korea was behind a hacking attack on the conservative Joongang Ilbo in June last year, according to the National Police Agency's Cyber Terror Response Center.
The North launched two massive so-called distributed denial-of-service attacks on various targets in South Korea on July 7, 2009 and March 4, 2011, hacked into Nonghyup Bank's computer systems, and used malicious codes to access the e-mail accounts of students and alumni of Korea University. Then in June 2012 it struck the newspaper's website.
According to police, North Korean hackers infiltrated the Joongang Ilbo's administrator computer on June 7 last year, and used malicious codes to access the daily's production system two days later.
Instead of the front page, a picture of a white cat grinning and covering its mouth appeared on the daily's website, with the words, "Hacked by IsOne," flashing beneath the picture. Production of the paper was also paralyzed.
Investigators traced "IsOne" to an IP address at North Korea's Ministry of Posts and Telecommunications, from where hackers repeatedly accessed the daily's main server since April 21 last year. The North evidently collected information about the daily for more than a month and planted malicious codes.
"The first hacking attack on the server was nearly timed with the North Korean Army's warning on April 23 last year of provocation that a 'revolutionary force will take action soon,'" police said. "It seems that the North made meticulous preparations once it singled out a particular media outlet for the cyber attack."
The actual attack used 17 overseas servers in 10 countries, one of which had also been used in the DDoS attacks in March, 2011 and in the hacking attack on Nonghyup Bank. The malicious codes were the same that had been used in the DDoS attacks in July 2009 and in the hacking of the Korea University e-mail accounts.
- Copyright © Chosunilbo & Chosun.com