Tuesday saw the shut down of major media and government Web sites in both South Korea and North Korea. A group of anonymous hackers are taking responsibility for the attack, which coincides with the 63rd anniversary of the start of the Korean war that lasted from 1950 to 1953.
“The government confirms there was a cyberattack this morning by unidentified hackers that shut down several sites including the presidential Blue House, the prime minister’s office and some media companies,” the South Korean science ministry said in a statement, according to the Wall Street Journal.
According to BBC, messages praising North Korean leader Kim Jong-un and claiming that hacking collective Anonymous was responsible were left on the hacked Web sites. But the AFP reported that Anonymous denied any involvement in the South Korean cyber-attacks on its official Twitter account.
Where’s the Root?
We caught up with Ross Brewer, vice president and managing director for international markets at LogRhythm, to get his take on the news reports and what they really mean for cyber security. He told us South Korea is a highly advanced and leading cyber power, so the fact that its networks have suffered two major hacks in the last six months illustrates the severity and increasing prevalence of cyber war.
Back in March, he reminded, the attackers targeted South Korea’s computer networks and banks, but this time they have chosen a more significant target, which would suggest that the attacks are becoming more serious.
“Despite the rumors, the cause and origin of the attack remains unclear, and hackers managed to infiltrate systems to the point that the country was forced to issue a cyber alert — indicating that the visibility required to effectively monitor IT systems and identify and remediate any anomalous IT network behavior was not in place,” Brewer said.