In December, the hackers tried to rob sensitive data from South Korea’s nuclear power operator, including plant blueprints and personnel information. Photo by SP-Photo/Shutterstock
SEOUL, April 22 (UPI) -- South Korean investigators said they have found proof North Korea was behind a series of cyberattacks on South Korean banks and nuclear operators.
The source of the attacks, malicious codes, was responsible for a 2013 attack on 48,000 computers at banks and media outlets and the hacking of a South Korean nuclear operator last December, CNN reported.
Joshua James, a forensic expert at South Korea's Hallym University, said the malicious code would attempt to delete all files on an infected computer after forcing the system to restart.
"You would come back up and nothing would be there," he said.
During the 2013 bank breaches, South Korean bank customers were unable to withdraw money or transfer money online. The Korea Institute for Industrial Economics and Trade estimates the attack on banks led to $820 million in damages.
In December, the hackers tried to rob sensitive data from South Korea's nuclear power operator, including plant blueprints and personnel information. The attack stoked fears of nuclear power safety, although investigators said no critical data was taken.
The December attack was a "spear-fishing" exercise that deployed emailed attachments to unsuspecting users. Once opened, the code would run in the background of a victim's computer. It followed a month after Sony Pictures said their computers had been hacked.
Experts said North Korea is investing in cyberattack forces because it is more economical than conventional warfare against South Korea. Seoul's Defense Ministry stated North Korea employs 6,000 "cyberarmy" workers.
Yonhap reported North Korea denied its involvement in the cyberattack on South Korea's nuclear power operator, after Seoul investigators connected the attacks to Internet protocol addresses in Shenyang, China, a location easily accessible from North Korea.