my timesThe Korea Times
  1. South Korea

'NK behind cyber attack on newspaper'

Listen
By Kim Rahn
  • Published KST
  • Updated KST

By Kim Rahn

A cyber attack on a domestic daily newspaper, JoongAng Ilbo, last June was committed by North Korea, according to police.

The Cyber Terror Response Center under the National Police Agency said Wednesday that the Stalinist state was the source of the hacking that destroyed parts of the database and paper-making systems of one of the nation’s largest newspapers.

It was the fifth time an alleged North Korean cyber attack was detected, following distributed denial-of-service (DDoS) attacks on websites of government agencies and financial institutions in July 2009 and March 2011; the hacking of Nonghyup’s banking network in April 2011; and additional hacking of email accounts belonging to students at Korea University in November that year.

On June 9 last year, one of the two main domains of the newspaper was shut down.

When accessed, a picture of a grinning cat, with its mouth covered by a paw, appeared with unknown codes in green lettering. Then, the message, “Hacked by IsOne” appeared.

Investigators said that Internet Protocols (IPs) used in this hacking were based in China but were rented by the Korea Post and Telecommunications Corp., a telecommunications company affiliated with the North Korean Ministry of Post and Telecommunications.

“One of the IPs was identical to one used in two previous attacks in March and April 2011. The chance of one IP, out of some 4 billion IPs worldwide, to be used for three cyber attacks accidentally, is almost zero,” a police officer said.

He said malignant codes used in the 2009 attack and the Korea University hacking were also used this time as well.

Police also said the hackers prepared for the attack for about two months. “They began intensively accessing the newspaper’s website through the IPs on April 21 last year. On April 23, North Korea declared that it would soon launch a ‘special action’ against the South and mentioned several media companies as targets,” the officer said.

He said there is a strong chance that similar attacks will be made, advising media firms to strengthen online security.