A hacking attack that paralysed the computer systems of South Korean broadcasters and banks on Wednesday originated from a Chinese internet address, fuelling suspicion that North Korea may be behind the shutdowns of 32,000 computers.
The Korea Communications Commission, which oversees telecoms and broadcasting, said on Thursday that a management server of Nonghyup Bank, one of the three affected institutions, was accessed by a Chinese IP address that generated malignant files. It added that the attacks into six infected institutions all came from a single entity and it was trying to track down the perpetrators.
“There can be many inferences based on the fact that the IP address is based in China,” Park Jae-moon, the KCC’s head of network policy, told a briefing. “We’ve left open all possibilities and are trying to identify the hackers.”