The computer networks that operate the systems of thee important South Korean banks and also two of the nation’s major broadcasters were the targets of Wednesday’s cyberattacks which some specialists presume to have originated in North Korea, which has threatened its far more affluent southern neighbor repeatedly.
The attacks, which left many South Koreans unable to withdraw money from A.T.M.’s and news broadcasting crews staring at blank computer screens, came as the North’s official Korean Central News Agency quoted the country’s leader, Kim Jong-un, as threatening to destroy government installations in the South, along with American bases in the Pacific.
Though American officials dismissed those threats, they also noted that the broadcasters hit by the virus had been cited by the North before as potential targets. The Korea Communications Commission said Thursday that the disruption originated at an Internet provider address in China but that it was still not known who was responsible.
Many analysts in Seoul suspect that North Korean hackers honed their skills in China and were operating there. At a hacking conference here last year, Michael Sutton, the head of threat research at Zscaler, a security company, said a handful of hackers from China “were clearly very skilled, knowledgeable and were in touch with their counterparts and familiar with the scene in North Korea.”