SEOUL, South Korea — A cyber-attack on the servers of South Korean broadcasters and banks was traced to an IP address in China.
"We've identified that a Chinese IP is connected to the organizations affected," a spokesman for South Korea's Communications Commission told a press conference.
Even though the IP has been traced to China, South Korean officials have named North Korea the prime suspect of the cyber-attack. The timing makes sense, falling in line with the war rhetoric North Korea has employed against the South in the past three weeks in response to UN sanctions.
The worm was reportedly unsophisticated, the sort that could be used by your average teenage hacker in the United States. But if North Korean operatives are guilty of launching the virus, they did serious damage in a short time. Here in Seoul, about 5,000 personal computers are still down — more than a day after the first attack.
More from GlobalPost: North Korea cyber-attacks blamed on US, South Korea
"We do know that North Korea does route attacks through Chinese servers because that's the only way they can communicate with South Korea," Timothy Junio, a cybersecurity fellow at Stanford University's Center for International Security and Cooperation, told Fox News. "It's not surprising there's a Chinese IP address involved."
According to the Associated Press, IP addresses can be easily manipulated by hackers operating anywhere in the world in order to disguise their whereabouts.
The cyber-attacks brought down network servers for TV broadcasters YTN, MBC and KBS, as well as of major commercial banks Shinhan Bank and NongHyup Bank, noted Reuters. Banks took several hours to restore operations and damage to servers of TV networks appeared to be more severe, but did not affect broadcasts.