Wednesday, March 20, 2013

South Korea Computers Crash, Causing Coffee Cash Crisis

"South Korean banks and media report computer network crash, causing speculation of North Korea cyberattack"
Associated Press, via (March 20, 2013)

"Computer networks at major South Korean banks and top TV broadcasters crashed simultaneously Wednesday, paralyzing bank machines across the country and prompting speculation of a cyberattack by North Korea.

"Screens went blank at 2 p.m., the state-run Korea Information Security Agency said, and more than six hours later some systems were still down...."
Since the United States and South Korea do joint military drills, which annoys North Kora's government, it's possible that North Korea is behind the attack. Then again, maybe not.

United Nations imposed sanctions on North Korea after last month's nuclear test, which gives the North another motive for scrambling South Korean computers.

The good news is that South Korea's government agencies, power plants, and transportation systems weren't affected.

The bad news is that this outage was a cyberattack, not the result of glitchy software or a squirrel's fiery annihilation in a power line's transformer.

Coffee Cash Crisis at Starbucks

South Korea's economy is one of the world's top 20. I doubt that being plunged into a cash-only world for a few hours will do much damage. On the other hand, I'm glad that I wasn't on coffee break in Seol when the ATMs died.
"...Some customers were unable to use the debit or credit cards that many rely on more than cash. At one Starbucks in downtown Seoul, customers were asked to pay for their coffee in cash, and lines formed outside disabled bank machines...."
(Associated Press, via

Cyberattack: or Really Bad Luck?

Machines break down sometimes. South Korean might have just been unlucky. Very unlucky.

In this case, so many systems going down at the same time seems - - - improbable.

I'm sincerely glad that I don't have the task of figuring out what happened in South Korea. Sorting through technical data may be much easier than separating accurate eyewitness reports from flights of fancy.
"...'It's got to be a hacking attack,' Lim Jong-in, dean of Korea University's Graduate School of Information Security. 'Such simultaneous shutdowns cannot be caused by technical glitches.'

"The Korea Information Security Agency had reported that an image of skulls and a hacking claim had popped up on some of the computers that shut down, but later said those who reported the skulls did not work for the five companies whose computers suffered massive outages. KISA was investigating the skull images as well...."
(Associated Press, via

Speculation and Denial

A Korea Communications Commission official said that destructive code might have been spread from servers sending automatic updates and virus patches for security software. The key word is 'might.' Right now, so soon after the event, I'd be very surprised if investigators had traced the problems to their source.

That said, I think it's reasonable to assume that the outage wasn't an accident. North Korea's leadership apparently denies that they're running an Internet warfare unit. Maybe so, but that outfit is still churning out cold-war-style variations on the old 'capitalistic imperialistic warmonger' rhetoric.

The effect their policies have on North Korea's citizens being what it is, I'm not surprised: distracting folks from bread-and-butter issues might seem expedient, and that's another topic.

Back to the dean of Korea University's Graduate School of Information Security:

"Likely," "Probable," and Motive

"...Lim said he believes hackers in China were likely culprits in the outage in Pyongyang, but that North Korea was probably responsible for Wednesday's attack.

" 'Hackers attack media companies usually because of a political desire to cause confusion in society,' he said. 'Political attacks on South Korea come from North Koreans.'..."
(Associated Press, via
I'm inclined to agree with dean Lim: someone probably wanted to mess with South Korean media to "cause confusion in society." Or frustration, anyway.

Consequences of today's attack might be a bit more serious than a few frazzled Starbucks customers. I don't think it's unreasonable to think that losing several hours of productivity, directly from out-of-service machines and indirectly from folks being a bit off their game after a disrupted schedule, might have at least a tiny effect on South Korea's economy.

More seriously, South Korea's servers are part of the Internet - so problems there could spread.

Not a Weekend Project

Whoever arranged for today's outage put a lot of effort into it. And, although it doesn't look like investigators know who the attacks planners were: this does seem to be an attack, the first of several.
"...Orchestrating the mass shutdown of the networks of major companies would have taken at least one to six months of planning and coordination, said Kwon Seok-chul, chief executive officer of Seoul-based cyber security firm Cuvepia Inc.

"Kwon, who analyzed personal computers at one of the three broadcasters shut down Wednesday, said he hasn't yet seen signs that the malware was distributed by North Korea.

" 'But hackers left indications in computer files that mean this could be the first of many attacks,' he said.

"Lim said tracking the source of the outage would take months."
(Associated Press, via

Coffee Breaks and Power Grids

I like living in the Information Age, but the benefits of fast global communication and continent-spanning power grids come with new problems.

The The Great Northeast Blackout of 1965 only affected 30,000,000 folks. About 100,000,000 people living in Java and Bali lost power in 2005, and back-to-back power failures in India last year set a new record: the July 30 and 31, 2012, events affected 620,000,000 people.

Since coordinating generators and transmission lines on today's scale involves software, 'throwing a monkey wrench' into the system can be done from the other side of the world.

Most of the serious discussion of 'cyberthreats' has focused on hacking into computers that control power grids, or ones holding secure information.

At least as disquieting, I think, is what could happen if someone managed to get into prescription formula databases, or got control of life support systems in a hospital.

Pleasant dreams.

Related posts:

No comments:

Unique, innovative candles

Visit us online:
Spiral Light CandleFind a Retailer
Spiral Light Candle Store


Note! Although I believe that these websites and blogs are useful resources for understanding the War on Terror, I do not necessarily agree with their opinions. 1 1 Given a recent misunderstanding of the phrase "useful resources," a clarification: I do not limit my reading to resources which support my views, or even to those which appear to be accurate. Reading opinions contrary to what I believed has been very useful at times: sometimes verifying my previous assumptions, sometimes encouraging me to change them.

Even resources which, in my opinion, are simply inaccurate are sometimes useful: these can give valuable insights into why some people or groups believe what they do.

In short, It is my opinion that some of the resources in this blogroll are neither accurate, nor unbiased. I do, however, believe that they are useful in understanding the War on Terror, the many versions of Islam, terrorism, and related topics.