SEOUL (Reuters) - South Korean authorities were investigating a hacking attack that brought down the servers of three broadcasters and two major banks on Wednesday, and the army raised its alert level due to concerns of North Korean involvement.
Servers at television networks YTN, MBC and KBS were affected as well as Shinhan Bank and NongHyup Bank, two major banks, the police and government officials said. At least some of the computers affected by the attacks had some files deleted, according to the authorities.
“We sent down teams to all affected sites. We are now assessing the situation. This incident is pretty massive and will take a few days to collect evidence,” a police official said.
The banks have since restored their operations, but the TV stations could not say when they would be able to get their systems back up. Some workers at the stations could not boot their computer.
Broadcasts were not affected.
South Korea’s military said it was not affected by the attack but raised its state of readiness in response. None of the country’s oil refineries, power stations, ports or airports was affected.
Police and government officials declined to speculate on whether North Korea, which has threatened to attack both South Korea and the United States after it was hit with United Nations sanctions for its February nuclear test, was behind the hacking.
The police played down expectations of a quick answer as to whether the North, which has hacker schools just like its ally China does, was responsible. One officer said it would take longer than a murder investigation to assign responsibility.
Some South Korean internet users posted an image of a page on social network sites that was purportedly seen through services provided by LG UPlus Corp in which a group calling itself the “Whois Team” took responsibility for the attacks.
But the claim could not be verified, and LG UPlus denied the existence of such a page.
North Korea has in the past targeted South Korea’s conservative newspapers, banks and government institutions.
The biggest hacking effort attributed to Pyongyang was a 10-day denial of service attack in 2011 that antivirus firm McAfee, part of Intel Corp, dubbed “Ten Days of Rain”. It said that attack was a bid to probe the South’s computer defenses in the event of a real conflict.
South Korean authorities said Woori Bank, another major local lender, was also attacked on Wednesday but was not infected.
North Korea last week complained that its own websites had been hacked, blaming the United States for staging cyber attacks aimed at “sabotages” against the country.
Reporting by Ju-min Park and Joyce Lee; Additional Reporting by Hyunjoo Jin and Lee Changho; Editing by David Chance and Raju Gopalakrishnan