The DPRK has made its first comment on allegations that it was behind a cyber attack on a large South Korean bank and, not surprisingly, has denied any involvement.
Last week South Korean prosecutors said they had found evidence that North Korea was behind the April attack, which brought chaos to the computer system and ATM network of Nonghyup Bank for several days. It was one of the most disruptive cyber attacks to-date on the South Korean financial system.
Prosecutors made the allegations after examining the laptop of an IBM employee working at the bank. The laptop was apparently used as a gateway into the bank’s network. Software in the computer was similar to that seen in previous attacks, local media quoted the prosecutor as saying.
“We found programming methods that were also detected in the previous two cyber attacks, such as the method of encoding the malicious commands,” senior prosecutor Kim Yeong-dae said at a press briefing.
The way the codes were distributed was similar to that of the previous attacks, and the Internet Protocol (IP) of a server used to control the zombie PC was identical as the one used in the distributed denial-of-service (DDoS) attack in March. Nonghyup was one of the targets in both the former attacks. — Korea Times, May 3, 2011.
The IP address was linked to North Korea’s Ministry of Posts and Telecommunications and was also used in two large denial of service attacks that hit South Korean Internet sites earlier this year and last year, officials said.
The problem with this explanation is that tracing a cyber attack is often much more complicated than finding an IP address.
Highly sophisticated attacks often involve routing commands through multiple PCs. The address detected might be one of several relay machines, usually being used without the owner’s knowledge.
To-date prosecutors are yet to offer any detailed information that conclusively ties the attacks to the DPRK.
To be sure, the North does appear to have the ability to launch such attacks — if the wealth of previous reports on the country’s cyber security expertise are correct — and it fits the sabre-rattling that often takes place between the two neighbors.
The statement was carried on Voice of Korea and KCNA. Here’s the Voice of Korea statement in English:
[audio:https://www.northkoreatech.org/wp-content/uploads/2011/05/110511-vok-hacking.mp3]And here’s the full text as carried on KCNA:
South Korea reportedly met the "greatest banking computer disturbance ever in history", in which the banking computer network of the "National Agricultural Cooperative Federation" has been put at the worst paralysis since April 12. This case caused a great loss and south Korea experienced a hot agony of shame in the eyes of the world. What is at issue is the fact that the group of traitors let the puppet Intelligence Service and prosecution finally announce this case as "done by the north" after making "joint investigation" into it for nearly one month. What the group claimed as evidence to link the case with the DPRK is that the IP used in attacking the said computer network was identical with the IP of the DPRK Ministry of Post and Telecommunications and the attack was based on the delicate and accurate way of remote control whereby its attacker was supposed to be a special cyber unit. It also asserted that such attack was hard to be carried out without mighty human and material resources and this was not an attack for "gaining specified interests" such as stealing fund and data but repeated attack aimed at "indiscriminate destruction." Its assertions are just absurd argument based on unreasonable ground. Even the members of the federation hard hit by what happened, in actuality, refuted the announcement that "the north was responsible for the cyber attack" as a "hasty conclusion" as it lacked scientific accuracy. Even the Defense Security Command of the puppet army known not to lag behind others in investigating cases officially declared that the incident cannot be branded as an "attack made by the north Korean military." Moreover, experts cast doubt about the assertion that "it was done by the north," querying "Had the IPs used for the above-said attack belonged to U.S., Japan or south Korea, the U.S., Japan and south Korea should have been accountable for having created this confusion." Last year the south Korean authorities asserted that the "Cheonan" sinking case was "linked with the north" as the propelling body of the torpedo they claimed sank it was inscribed with letters "No. 1." Different circles of south Korea are now widely jeering at them, putting up questions as to how many letters "No. 1" were attached to the IPs which were used for attacking the Federation's banking computer network. In the final analysis, the story about "the north's involvement" spread by the group of traitors is creating fresh suspicion even in its own camp and it is, therefore, derided by people for being one more farce and charade. The above-said story floated by the group is aimed at saving its policy of confrontation with the north from shaking to its very foundation, weathering the crisis of its state administration fully disclosed in the closing years of its rule before and after the April 27 by-election and evade the responsibility for having stemmed the trend of national reconciliation, unity, peace and prosperity. All the developments go to prove that the group of traitors' rumor that "the north was responsible for what happened" is one more farce staged against the nation to realize its sinister attempt and an anti-DPRK charade as ridiculous as the "Cheonan" warship sinking case. There are sayings that one should reflect on one's deed before pulling up others and one had better mind one's own business. The group of traitors should boldly discard its bad habit of finding fault with others. And it should immediately stop its reckless war exercises, waiting for someone's "contingency" to take place, unaware of its situation where it is threatened with total collapse. The group of traitors should bear in mind that the more anachronistic anti-DPRK farce and charade it orchestrates, the bitterer disgrace and fiasco it will face.