On Wednesday, broadcasters KBS, MBC and YTN along with Shinhan, Nonghyup and Jeju banks saw their computer networks entirely halted due to malicious code from unknown hackers, according to the companies and police.
"(The government) is closely analyzing the incident with all possibilities open, while bearing a strong suspicion that North Korea conducted the attack," said a high-ranking official of the presidential office Cheong Wa Dae. He declined to be identified and further elaborate.
His comment echoes the results of the initial probe into the case announced earlier in the day by the Korea Communications Commission (KCC) that part of the malicious code that paralyzed the network systems came from a Chinese Internet Protocol (IP) address.
The agency stopped short of pointing to Pyongyang, but said it is considering all possible scenarios, leaving open the possibility that North Korea was behind the cyber attack. Experts also say the North has used Chinese IPs for cyber attacks in the past.
According to data compiled by the National Intelligence Service, Pyongyang has carried out six such cyber terrorist acts against Seoul over the past five years, including a distributed denial of service (DDoS) attack against South Korean government Internet sites on July 7, 2009, a similar DDoS incident in March 2011 targeting state institutions like the presidential office, the National Assembly and media outlets, and an attack against a conservative newspaper last June.
While the authorities have been conducting the probe into the case, the broadcasters and financial firms said they managed to get their computer networks and services back on track by early Thursday.
"We successfully recovered our mainstay network related to programming and advertising this morning, and normalized our service," said an official of the largest public broadcaster KBS.
"But we are still working to recover around 5,000 personal computers that came under the attack, and our Web site is still inaccessible."
The two other broadcasters and the financial companies also said they had recovered their networks, while more work will be required to restore their hundreds of PCs.