The South Korean Science Ministry said it reached its conclusion after analyzing personal computers, malicious codes, Internet Protocol addresses and other data used in the attacks, which took place June 25 -- the anniversary of the outbreak of the Korean War.
"These were meticulously planned attacks that had been prepared at least for several months to find the weak spots of their targets," said Park Jae-moon, a senior ministry official.
About 90 percent of the attacked websites and servers have been repaired, the Yonhap News Agency said.
Investigators found similarities between the June shutdowns and cyberattacks in March, which South Korea had previously blamed on its northern neighbor, The New York Times said.
The ministry said hackers in the June attack used at least one IP address that had been used in previous attempts by North Korean hackers.
Earlier this month, the cybersecurity firm McAfee Labs, released a report on the March attacks.
"The attacks on South Korean targets were actually the conclusion of a covert espionage campaign," the firm said.
McAfee said the attackers were trying to steal South Korean and U.S. military data, but did not name North Korea as the culprit.