{
	"id": "26f4f647-82c5-42a5-8ce5-bc56adf7381d",
	"created_at": "2026-04-06T00:06:36.155689Z",
	"updated_at": "2026-04-10T03:20:24.477718Z",
	"deleted_at": null,
	"sha1_hash": "d2fc5fd41048da64ef34d258f7662b3598e6c3c9",
	"title": "After US, cyber attackers target South Korea",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 34679,
	"plain_text": "After US, cyber attackers target South Korea\r\nBy Matthew Weaver\r\nPublished: 2009-07-08 · Archived: 2026-04-05 16:28:27 UTC\r\nNorth Korean hackers are suspected of launching a cyber-attack on some of the most important government\r\noffices in the US and South Korea in recent days, including the White House, the Pentagon, the New York Stock\r\nExchange and the presidential Blue House in Seoul.\r\nThe attack took out some of South Korea's most important websites, including those of the Blue House, the\r\ndefence ministry, the national assembly, Shinhan bank, Korea Exchange bank and the top internet portal Naver.\r\nAhn Jeong-eun, a spokeswoman for Korea Information Security Agency, said the websites of 11 organisations had\r\neither gone down or had access problems.\r\nThe Associated Press reported that the White House, Pentagon and New York Stock Exchange were also targeted,\r\nbut apparently deflected the electronic barrage. South Korea's Yonhap news agency said military intelligence\r\nofficers were looking into the possibility that the attack may have been carried out by North Korean hackers and\r\npro-North Korea forces in the South.\r\nIt resembles an attack that began last Saturday on government websites in the US, including some that are\r\nresponsible for fighting cyber-crime.\r\nJohn Bumgarner, director of research at the US Cyber Consequences Unit, said: \"There's been a lot chatter\r\nrecently about cyber-war. The North Koreans may have felt they were not getting enough attention launching\r\nmissiles so they moved into another potential warfare – cyber. It's a form of sabre rattling. But the big question is,\r\ndid the North Koreans launch it themselves or did someone do it for them?\"\r\nYang Moo-jin, a professor at Seoul's University of North Korean Studies, said he doubted whether the North had\r\nthe capability to knock down the websites.\r\nBut Hong Hyun-ik, an analyst at the Sejong Institute thinktank, said the attack could have been carried out by\r\neither North Korea or China, saying he \"heard North Korea has been working hard to hack into\" South Korean\r\nnetworks.\r\nSouth Korea's National Intelligence Service told a group of politicians today that it believes that North Korea or\r\nits sympathisers were behind the attacks, a source at the meeting told Associated Press.\r\nThe agency refused to comment, but it confirmed it was working with US authorities to investigate the attack. It\r\nsaid it believed the attack was thoroughly prepared and committed \"at the level of a certain organisation or state\".\r\nThe attacks appeared to be linked to problems on the US sites, although investigators were still unsure who was\r\nbehind them, Ahn said.\r\nhttps://www.theguardian.com/world/2009/jul/08/south-korea-cyber-attack\r\nPage 1 of 2\n\nIn the US, the treasury department, secret service, Federal Trade Commission and transport department websites\r\nwere all down at varying points over the 4 July holiday weekend. Some of the sites were still experiencing\r\nproblems last night.\r\nThe website of the Washington Post was also affected. Its computer security writer Brian Krebs blamed \"malicious\r\nsoftware\" that ordered infected PCs to repeatedly visit targeted websites. A large proportion of the PCs involved\r\nwere located in South Korea, he reported.\r\nAn initial investigation in South Korea found that many personal computers were infected with a virus ordering\r\nthem to visit official websites in South Korea and the US at the same time, the Korean information agency official\r\nShin Hwa-su said.\r\nThe US homeland security department confirmed that officials had received reports of \"malicious web activity\"\r\nand said they were investigating. Two government officials confirmed that the treasury and secret service sites had\r\nbeen brought down, and said the agencies were working with their internet service provider to resolve the\r\nproblem.\r\nBen Rushlo, director of internet technologies at the website monitoring company Keynote Systems, called it a\r\n\"massive outage\".\r\nDenial of service attacks against websites are not uncommon, and are usually caused when sites are deluged with\r\ninternet traffic to take them offline. Documenting cyber-attacks against government sites is difficult, and depends\r\nheavily on how agencies characterise an incident and how successful or damaging it is.\r\nSource: https://www.theguardian.com/world/2009/jul/08/south-korea-cyber-attack\r\nhttps://www.theguardian.com/world/2009/jul/08/south-korea-cyber-attack\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"ETDA",
		"Malpedia"
	],
	"references": [
		"https://www.theguardian.com/world/2009/jul/08/south-korea-cyber-attack"
	],
	"report_names": [
		"south-korea-cyber-attack"
	],
	"threat_actors": [],
	"ts_created_at": 1775433996,
	"ts_updated_at": 1775791224,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d2fc5fd41048da64ef34d258f7662b3598e6c3c9.pdf",
		"text": "https://archive.orkl.eu/d2fc5fd41048da64ef34d258f7662b3598e6c3c9.txt",
		"img": "https://archive.orkl.eu/d2fc5fd41048da64ef34d258f7662b3598e6c3c9.jpg"
	}
}