Seoul’s spy agency has identified a North Korean hacker who could be behind a series of cyber attacks on South Korea and the US, a newspaper reported yesterday.
The National Intelligence Service (NIS) has found an Internet protocol (IP) address used by a North Korean whose family name is Yun, an unnamed government official told the Chosun daily.
The NIS was put on alert in January after North Korea was found to be stealing data from information technology research institutions using “distributed denial of service” (DDOS) attacks, the newspaper said.
Hackers this week planted viruses in thousands of personal computers in South Korea and overseas.
The newspaper reported that North Korea began DDOS attacks on a local network of the Korea Institute of Machines and Materials on June 30, which were carried out by North Korean hackers in China’s northeastern city of Shenyang.
“The NIS has long been tracking IP proxies used by North Koreans and it has learned of some IP proxies used by the North Korean [military] hackers’ unit,” the official was quoted as saying. “The NIS bases its belief that the attacks were the North’s work on this fact.”
Yonhap news agency said the NIS on Friday told lawmakers in a closed-door briefing that a North Korean research center called “Number 110” seems to have orchestrated the attacks.
The research center, which comes under the wing of the General Staff of the People’s Army, “is a well-trained unit on cyber attacks” the source told the news agency.