Important update: South Korean officials said Friday that they erred in linking a massive cyberattack against banks and broadcasters this week to an Internet address in China — illustrating the difficulties inherent in identifying the hackers behind such attacks.
Tensions remain high in the Pacific.
On Monday, Pentagon officials reported that the United States in joint exercises with South Korea flew B-52 bombers over the peninsula carrying out simulated nuclear bombing raids on North Korea. They described the action as part of ongoing U.S.-South Korean military exercises.
North Korea described the exercises as an “unpardonable provocation.”
The North’s supreme army command said in a statement carried by state media, “The US should not forget that the Anderson Airbase in Guam where the B-52s take off, as well as naval bases at Japan’s main island and Okinawa, are all within the range of our precision target assets.”
Pentagon press secretary George Little called the strategic bombings taking place in the Korean peninsula routine, but added in his press statement “The B-52 Stratofortress can perform a variety of missions including carrying precision-guided conventional or nuclear ordnance.” Reference to precision-guided nuclear ordinance is clearly not routine.
While the US and North Korea were busy threatening one another with missile attacks and even the use of nuclear force, South Korean banks and broadcasters were hit by cyber attacks in which malware affected approximately 32,000 computers at six organizations.
The attack originated from an IP address in China.
South Korean officials stressed that the IP address did not reveal the perpetrator of the attack. It is widely known that hackers can route attacks through addresses in other countries to obscure their identities.
Park Jae-moon, South Korea’s communications regulator said, “Unidentified hackers used a Chinese IP address to contact servers of the six affected organizations and plant the malware which attacked their computers.” He stated, “At this stage, we’re still making our best efforts to trace the origin of attacks, keeping all kinds of possibilities open.”
Technology experts report that “proving that Pyongyang was behind these latest attacks on computer systems at South Korean banks and broadcasters, if it was, is expected to take weeks or even months of painstaking research.”
Presumably South Korean newspapers have access to South Korea’s communications regulator, yet all Korean majors, Joong Ang Daily, The Korea Times, Choson Ilbo wrote immediately to accuse North Korea of the attack. Does this help? Antagonizing an unstable, nuclear equipped hostile neighbor based on unfounded speculation?
Similarly, there are related implications for the constant accusation by the US of China-based cyber attacks into US national entities and private companies. The Obama administration is considering more assertive action against Beijing to combat a persistent cyber-espionage campaign it believes Chinese hackers are waging against U.S. companies and government agencies.
An NBC news article notes that The New York Times and The Wall Street Journal have reported that their computer systems have been repeatedly targeted by hackers based in China for the past several months.
The current attack on South Korea reminds us of what even tech-dummies know; hackers can route their attacks through IP addresses anywhere in the world. Are the US based accusations of China based on a deeper knowledge about attacks that originate in China? If so, and since we are choosing to intensify hostile diplomatic postures toward China because of this, shouldn’t officials plainly and clearly report the distinction?
Of course North Korea might be hacking South Korea. Of course China might be hacking the US. Of course the US must defend South Korea with a full range of military options. These are not the questions.
The question is what is the value of careless, incendiary, unfounded accusations, and the value of extreme threats of hellish proportions, especially when involving relations that already have degenerated nearly beyond repair?
In common, daily life we are fairly familiar with what makes things better and what makes things worse. A fourth grade teacher – and probably most of her students – knows how to stop the escalation of hostilities. Is it somehow the case that governments, media and other pillars of our highly fragile world are meant to be exempt from the common sense that obtains just about everywhere in normal daily life?