Computer networks at major South Korean banks and top television broadcasters crashed simultaneously yesterday, paralyzing bank machines across the country and prompting speculation of a cyberattack by North Korea.
Screens went blank at 2pm, the state-run Korea Information Security Agency said, and more than six hours later, some systems were still down.
South Korean authorities could not immediately determine responsibility, but some experts suspect a cyberattack orchestrated by Pyongyang. The rivals have exchanged threats amid joint US-South Korean military drills and in the wake of UN sanctions meant to punish North Korea over its nuclear test last month.
The latest network paralysis took place just days after North Korea accused South Korea and the US of staging a cyberattack that shut down its Web sites for two days last week. Thailand-based Internet provider Loxley Pacific confirmed the North Korean outage, but did not say what caused it.
The South Korean shutdown did not affect government agencies or potential targets such as power plants or transportation systems and there were no immediate reports that bank customers’ records were compromised, but the disruption froze some commerce.
Major South Korean banks reported shutdowns, but networks later came back online and banking went back to normal.
Broadcasters KBS and MBC said their computers went down at 2pm, but officials said the shutdown did not affect daily TV broadcasts. Computers were still down more than five hours after the shutdown began, the news outlets said.
KBS employees said they watched helplessly as files stored on their computers began disappearing. Last year, North Korea threatened to attack several news companies, including KBC and MBC.
An official from the Korea Communications Commission said in a televised news briefing that investigators speculate that malicious code was spread from company servers that send automatic updates of security software and virus patches.
Orchestrating the mass shutdown would have taken at least one to six months of planning and coordination, said Kwon Seok-chul, CEO of cybersecurity firm Cuvepia Inc.
Kwon said he has not yet seen signs that the malware was distributed by North Korea.
“But hackers left indications in computer files that mean this could be the first of many,” he added.