South Korea issued a cyberattack alert yesterday after hackers penetrated a number of official Web sites, including the presidential Blue House, on the anniversary of the outbreak of the Korean War.
“The government can confirm a cyber attack by unidentified hackers that shut down several sites including the Blue House,” the science ministry said in a statement, adding that the five-stage national cyberalert had been raised from level one to two.
A number of news media Web sites and several government agencies, including the office for Government Policy Coordination and the ruling New Frontier Party, were also affected by what seemed to be a coordinated attack beginning at 10:45am.
The hacking coincided with the 63rd anniversary of the start of the Korean War on June 25, 1950.
The ministry statement did not speculate on who might be responsible. Investigations into several recent large-scale cyberassaults on South Korean media groups and financial institutions concluded that they originated in North Korea.
A number of posts left on the hacked sites claimed to be the work of the global “hacktivist” group Anonymous and included messages praising North Korean leader Kim Jong-un.
As of 6am GMT, the Blue House Web site was closed down, with a message saying the site was “under maintenance.”
Anonymous denied any involvement on its official Twitter account, but said it had succeeded in hacking a number of North Korean media Web sites yesterday, including the official Korean Central News Agency and the ruling party newspaper, Rodong Sinmun.
Both sites were briefly inaccessible yesterday morning, but appeared to be running normally a few hours later.
South Korea has sought to beef up its cyber defenses since a March 20 attack completely shut down the networks of TV broadcasters KBS, MBC and YTN, halted financial services and crippled operations at three banks.
An official investigation determined North Korea’s military intelligence agency was responsible, with a joint team of civilian and government experts tracing the origin to six personal computers used in North Korea.
To spread malware in target computers, the hackers went through 49 different places in 10 countries, including South Korea, the investigation found. The North had used 22 of the places in past attacks.
About 48,700 machines, including PCs, automatic teller machines and server computers, were damaged in the attack, which coincided with heightened military tensions on the Korean peninsula, following Pyongyang’s nuclear test in February.
North Korea was also blamed for cyberattacks in 2009 and 2011 that targeted South Korean financial entities and government agencies.