SEOUL - A cyber-attack caused computer networks at major South Korean banks and top TV broadcasters to crash simultaneously Wednesday, paralysing bank machines across the country and prompting speculation of North Korean involvement.
A cyber attack disabled systems in South Korea for several hours.
Screens went blank at 2 p.m. (12 noon Thailand time, 0500 GMT), the state-run Korea Information Security Agency said, and more than seven hours later some systems were still down.
Police and South Korean officials couldn't immediately determine responsibility and North Korea's state media made no immediate comments on the shutdown. But some experts suspected a cyber-attack orchestrated by Pyongyang. The rivals have exchanged threats amid joint US-South Korean military drills and in the wake of U.N. sanctions meant to punish North Korea over its nuclear test last month.
The network paralysis took place just days after North Korea accused South Korea and the US of staging a cyber-attack that shut down its websites for two days last week. Loxley Pacific, the Thailand-based Internet service provider, confirmed the North Korean outage but did not say what caused it.
The South Korean shutdown did not affect government agencies or potential targets such as power plants or transportation systems, and there were no immediate reports that bank customers' records were compromised, but the disruption froze part of the country's commerce.
Some customers were unable to use the debit or credit cards that many rely on more than cash. At one Starbucks in downtown Seoul, customers were asked to pay for their coffee in cash, and lines formed outside disabled bank machines.
Shinhan Bank, a major South Korean lender, reported a two-hour system shutdown, including online banking and automated teller machines. It said networks later came back online and that banking was back to normal. Shinhan said no customer records or accounts were compromised.
Another big bank, Nonghyup, said its system eventually came back online. Officials didn't answer a call seeking details on the safety of customer records. Jeju Bank said some of its branches also reported network shutdowns.
Broadcasters KBS and MBC said their computers went down at 2 p.m., but that the shutdown did not affect TV broadcasts. Computers were still down about seven hours after the shutdown began, according to the state-run Korea Communications Commission, South Korea's telecoms regulator.
The YTN cable news channel also said the company's internal computer network was paralysed. Footage showed workers staring at blank computer screens.
KBS employees said they watched helplessly as files stored on their computers began disappearing.
Last year, North Korea threatened to attack several news companies, including KBC and MBC, over their reports critical of children's' festivals in the North.
"It's got to be a hacking attack," said Lim Jong-in, dean of Korea University's Graduate School of Information Security. "Such simultaneous shutdowns cannot be caused by technical glitches."
The South Korean military raised its cyber-attack readiness level but saw no signs of cyber-attacks on its networks, the Defense Ministry said.
No government computers were affected, officials said. President Park Geun-hye called for quick efforts to get systems back online, according to her spokeswoman, Kim Haing.
The shutdown raised worries about the overall vulnerability to attacks in South Korea, a world leader in broadband and mobile Internet access. Previous hacking attacks at private companies compromised millions of people's personal data. Past malware attacks also disabled access to government agency websites and destroyed files in personal computers.
Seoul believes North Korea runs an Internet warfare unit aimed at hacking US and South Korean government and military networks to gather information and disrupt service.
Seoul blames North Korean hackers for several cyber-attacks in recent years. Pyongyang has either denied or ignored those charges. Hackers operating from IP addresses in China have also been blamed.
In 2011, computer security software maker McAfee Inc. said North Korea or its sympathisers likely were responsible for a cyber-attack against South Korean government and banking websites earlier that year. The analysis also said North Korea appeared to be linked to a 2009 massive computer-based attack that brought down US government Internet sites. Pyongyang denied involvement.
"North Korea has almost certainly done similar attacks before," said Tim Junio, a cyber-security fellow at Stanford University's Center for International Security and Cooperation. "Part of why this wasn't more consequential is probably because South Korea took the first major incident seriously and deployed a bunch of organisational and technical innovations to reduce response time during future North Korea attacks."
Latest stories in this category:
- New consoles, online games to keep market soaring to 2017
- iBeacon reaches out to US Apple shoppers
- Cloud firm Box raises $100 mn
- Microsoft leads attack on search traffic thieves
- Twitter pushes deeper into targeted advertising
- US tech sanctions hurt democracy activists
- Twitter appoints first female board member
- Microsoft joins move to encrypt Web traffic