IT Official Blames N. Korea for Cyber Attacks

North Korea was behind the cyber attacks that occurred a year ago Wednesday, according to a government IT source in South Korea.

The distributed denial of service, or DDoS, attacks paralyzed more than 20 domestic sites including those of the presidential office and major portal sites.

On foreign media reports saying no evidence linked the North to the attacks, Jeong Seok-hwa, investigation director at the Cyber Terror Response Center in charge of the investigation, said, “No country including the U.S. could identify the origin of the DDoS attacks that occurred a year ago. Thankfully, the discovery by Korean investigation agencies has been the most credible so far.”

On how he was sure that it was Pyongyang, Jeong said, “It might be too early to conclude this, but the facts so far have shown that the IP address used for the attacks was the same one rented by North Korea’s Posts and Telecommunications Ministry from a Chinese Internet provider.”

“The attack was waged by dozens of people, not one individual,” he added.

According to the National Police Agency, the cyber center in October last year found that the attacks originated from the IP of the North’s ministry.

A lieutenant on the investigation team was promoted to inspector in recognition of this discovery. He refused to disclose more, however, saying “Giving out more details will compromise our national strategy,” but added, “It was possible thanks to the technical capability we’ve accumulated for more than 10 years since the cyber center’s launch.”

Amid rising fears over a second cyber attack from the North, Jeong said, “Attack rumors were prevalent in April and May, but nothing really happened. But there certainly is the possibility of another attack. One of the servers that made the attack order seems to have copied all files saved on zombie PCs, or those in charge of the attack.”

This indicates that zombie PCs analyzed the files South Koreans frequently use to make more of them when starting an attack.

On preventing a cyber attack, Jeong said, “We cannot prevent zombie PCs from multiplying even with the latest vaccine program. The government must distribute free firewall programs (used for protection in Internet banking services).

With the investigation over last year’s cyber attacks ongoing, Jeong pledged to find the culprit. “We’ve done everything we can within the country. Since the attack originated from China, which is beyond our investigative jurisdiction, we will collaborate with China to find who did it,” he said.