SEOUL — A North Korean military intelligence unit has been identified by Seoul as masterminding a recent cyber attack that paralyzed operations at one of South Korea's largest banks last month.
After weeks of investigation, Seoul's prosecution has concluded that hackers from the General Bureau of Reconnaissance (GBR) of the (North) Korean People's Army brought down the computer system of the National Agricultural Cooperative Federation, or Nonghyup.
The hackers remotely operated the laptop of an employee of a Nonghyup subcontractor after turning it into a "zombie computer" for the attack on April 12, Seoul's prosecution said. The cyber attack left thousands of customers unable to access their money for a week.
"This was unprecedented cyber-terror deliberately planned and premeditated and involving North Korea," the prosecution said in a statement. The attack was a new type of cyber terrorism that targeted a private firm in an effort to destroy the financial system which is the backbone of the South's capitalist economy, it said.
Also In This Edition
The pattern used to spread malicious codes and the China-registered IP address used for the attack was identical to those deployed in previous cyber-attacks by the North, the prosecution said. North Korean hackers based in China are believed to have launched the cyber attacks, it said.
The prosecutors said the hacking method used in the April 12 cyber attack was similar to that used by North Korea for previous cyber attacks on key South Korean government and business Web sites in 2009 and in March this year.
The North's "distributed denial-of-service" (DDoS) attack in July 2009 temporarily shut down 25 sites domestically and in the United States.
In March, the North again launched electronic attacks, jamming communications that could disrupt the use of GPS-based navigational devices and using malicious software to assault the Web sites of Seoul's key government agencies and financial institutions.