SEOUL, South Korea — Red-faced investigators on Friday said they wrongly identified a Chinese Internet Protocol address as the source for a coordinated cyberattack on six major South Korean companies this week.
A joint team of government and private experts still maintains that hackers abroad were likely to blame, and many analysts suspect North Korea. But the error raises questions about investigators’ ability to track down the source of an attack that shut down 32,000 computers Wednesday and exposed big Internet security holes in one of the world’s most wired, tech-savvy countries.
South Korean investigators said Thursday that a malicious code that spread through the server of one of the hackers’ targets, Nonghyup Bank, was traced to an IP address in China. Even then it was clear that the attack could have originated elsewhere because hackers can easily manipulate such data.
But the state-run Korea Communications Commission said…
View original post 794 more words