South Korea: Cyberattack Didn’t Come From China

Chinese-Made Exploit Kit Used, But Whodunnit?

South Korean officials continue to change their story on this week’s cyberattacks, which knocked out several major websites in the nation. Though they still seem to be hoping to blame the incident on North Korea, the trail is getting more and more vague.

Yesterday’s reports that the attacks originated in China have been retracted now, with officials conceding that the first attacks actually came from South Korea-based IP addresses.

The only link to China left is a claim by researchers that the attacks, whoever they are, userd a popular exploit kit designed by Chinese cyber-criminals. They concede that it was probably just acquired by them, and the attack was unlikely to have come from the actual designers.

US experts say they wouldn’t be surprised if North Korea did acquire the exploit kit, saying “if they wanted to get into a black market for cyber stuff, they would be good at that.” Yet this remains far from proof, or even evidence that it actually was them.

Author: Jason Ditz

Jason Ditz is Senior Editor for Antiwar.com. He has 20 years of experience in foreign policy research and his work has appeared in The American Conservative, Responsible Statecraft, Forbes, Toronto Star, Minneapolis Star-Tribune, Providence Journal, Washington Times, and the Detroit Free Press.