Several major S. Korean computer networks freeze; some coming back online
Updated 5:25 a.m. ET
SEOUL, South Korea Computers networks at two major South Korean banks and three top TV broadcasters went into shutdown mode en masse Wednesday, paralyzing bank machines across the country and prompting speculation of a cyberattack by North Korea.
Screens went blank promptly at 2 p.m. local time, with skulls reportedly popping up on the screens of some computers -- a strong indication that hackers planted a malicious code in South Korean systems, the state-run Korea Information Security Agency said. Some computers started to get back online more than 2-1/2 hours later.
Police and South Korean officials investigating the shutdown said the cause was not immediately clear. But speculation centered on North Korea, with experts saying a cyberattack orchestrated by Pyongyang was likely to blame.
The government issued a cybersecurity advisory warning website owners to beware of cyberattacks, the KCC said.
- Nuke sales fears rekindled after recent N. Korea test
- Threat from N. Korea more pressing than Iran's?
- U.S. ramping up missile defense to meet North Korea threat
The shutdown comes amid rising rhetoric and threats of attack from Pyongyang in response to U.N. punishment for its December rocket launch and February nuclear test. Washington also expanded sanctions against North Korea this month in a bid to cripple the regime's ability to develop its nuclear program.
North Korea has threatened revenge for the sanctions and for ongoing routine U.S.-South Korean military drills it considers invasion preparation.
LG Uplus Corp., South Korea's third-largest mobile operator, which also operates landline services, said the company's networks are operating normally and it did not see any signs of a cyberattack, company spokesman Lee Jung-hwan said.
The companies whose networks shut down Wednesday afternoon all use LG Uplus, but also use other services from SK Telecom Co. and KT Corp, he said.
But the Reuters news agency reports that, "The network provided by LG UPlus Corp showed a page that said it had been hacked by a group calling itself the "Whois Team", an unknown group. It featured three skulls and a warning that this was the beginning of 'Our Movement"'.
Accusations of cyberattacks on the Korean Peninsula are not new. Seoul believes Pyongyang was behind at least two cyberattacks on local companies in 2011 and 2012.
The latest network paralysis took place just days after North Korea accused South Korea and the U.S. of staging a cyberattack that shut down its websites for two days last week. The Thai-based Internet service provider confirmed the outage, but did not say what caused the shutdown in North Korea.
The accusations from both sides show that the warfare between the foes has expanded into cyberspace.
Last week, North Korea's Committee for the Peaceful Reunification of Korea warned South Korea's ``reptile media'' that Pyongyang was prepared to wage a "sophisticated strike'' on the South.
"(Wednesday's outage has) got to be a hacking attack," Lim Jong-in, dean of Korea University's Graduate School of Information Security, said of Wednesday's events. "Such simultaneous shutdowns cannot be caused by technical glitches."
Shinhan Bank, a lender of South Korea's fourth-largest banking group, reported a system shutdown, including online banking and automated teller machines. The company couldn't conduct any customer activities at bank windows, including retail and corporate banking.
At one Starbucks in downtown Seoul, customers were asked to pay for their coffee in cash, and lines were forming outside disabled bank machines. Seoul is a largely cashless society, with many people using debit and credit cards.
Broadcasters KBS and MBC said their computers went down at 2 p.m., but officials said the shutdown did not affect daily TV broadcasts.
YTN cable news channel also said the company's internal computer network was completely paralyzed. Local TV showed workers staring at blank computer screens.
Shinhan Bank said its networks were back online by 3:50 p.m. local time and that banking was back to normal at branches and online. But computers at KBS and MBC were still down more than three hours after the shutdown began, the news outlets said.
The South Korean military raised its cyberattack readiness level Wednesday following the shutdown, the Defense Ministry said. Defense officials reported no signs of cyberattacks on its ministry's computer network and had no immediate details about the broader shutdown.
No government computers were affected, officials said. President Park Geun-hye called for quick efforts to get systems back online, according to her spokeswoman, Kim Haing.
The investigation will take months, Lim said.
"Hackers attack media companies usually because of a political desire to cause confusion in society," he said. "Political attacks on South Korea come from North Koreans."
Massive shutdowns of the networks of major companies take at least one to six months of planning and coordination, said Kwon Seok-chul, chief executive officer of Seoul-based cyber security firm Cuvepia Inc.