Chinese hackers carry out cyberattacks against South Korean academic institutions
by Guido Alberto Casanova

During the Lunar New Year, the websites of a dozen academic and research institutes were simultaneously knocked out. On Telegram, the group claims that it picked South Korea as its "training ground", threatening more attacks. According to South Korea’s cybersecurity agency, only sites without sophisticated defence systems were affected.

Seoul (AsiaNews) – South Korea’s cyber security authority announced that a group of hackers carried out a cyberattack against several South Korean targets.

According to initial statements by the Korea Internet and Security Agency (KISA), the websites of a dozen academic and research institutes were affected.

The attack took place during the Lunar New Year break, known in Korea as Seollal, which lasted from Saturday to Tuesday.

Many of the sites targeted by a hacker group calling itself Xiaoqiying, probably of Chinese origin, were still inaccessible last evening and their homepage still showed the group’s logo and message.

“We declare the invasion of the South Korean Internet,” read the message at the bottom of the screen.

The entities targeted in the cyberattack do not appear to be linked. They include the Korea Association for Education, the Korea Research Institute for Construction Policy, and the Korean East-West Mind Science Association.

What they seem to share is vulnerable websites that lack encryption systems that might have protected them from cyberattacks.

According to the hackers, they compromised the computer networks of 70 South Korean educational institutions and stolen 54 gigabytes of data.

In the message left on the targeted sites, the group warned against more cyberattacks.

Information about the hacker group is available on its Telegram channel, with messages in English and Chinese announcing that South Korea will be a "training ground" for its members.

The group's administrator also said that KISA would be next.

KISA launched an investigation into the incident. For now, it has not yet officially confirmed if the hackers were Chinese and if they have links with the Chinese government.

Some clues do suggest the group’s Chinese origin. As for the real motive, nothing is known.

A South Korean government official told the local press that the cyberattack against South Korean computer systems during the holidays looks more like hackers showing off their cyber skills.

“The hackers knew where they had to press and did not seem to be after some financial gains, though that’s more for police to look at,” the official said.

South Korean police opened a formal inquiry into the case.