South Korea Backtracks On China As Source of Cyberattack

hackingbear writes "The suspected cyberattack that struck South Korean banks and media companies this week didn't originate from a Chinese IP address, South Korean officials said Friday, contradicting their previous claim. The Korea Communications Commission said that after 'detailed analysis,' the IP address used in the attack is the bank's internal IP address — which is, coincidentally identical to a Chinese ISP's address, among the 2^32 address space available."

Hanlon's

[gmuslera]

The bank used public IP addresses (existing, used elsewhere) for their internal network? The one that designed that should be considered a bigger security threat that any current cyberattack.

BTW, the CNN editorial "Why cyber attacks threaten our freedom" is another piece of art of more or less the same magnitude. I'd say that is on a par with this one

Re:Hanlon's

I agree that it seems insane that a major bank would do this, however I've seen it in practice. A very major financial firm (who shall remain nameless) that I did some work for actually uses the public IP address range of the US dept. of defense as their internal IP space. It's never caused them any problems - since there's no need for them to connect to the US military, but it definitely left me and several colleagues scratching our heads when we first started looking at the network.