Cyber Incident Victim: Bank of Korea
Date: May 2016
Location: South Korea
Summary
The Central Bank of South Korea was targeted in a series of distributed denial-of-service (DDoS) attacks by hacktivist groups Anonymous and Ghost Squad as part of Operation OpIcarus, a campaign against global financial institutions. The attacks, which peaked with 250 Gbps traffic volumes, temporarily forced the bank's website offline alongside numerous other central banks worldwide. Motivations included solidarity with social protests and retaliation against government arrests of hacktivists, reflecting the operation's broader goal of disrupting financial systems to promote anti-establishment ideals. The incident occurred amid a sustained wave of cyber assaults that disrupted banking services across multiple countries, though all affected sites were eventually restored.
Description
The Central Bank of South Korea was targeted as part of Operation OpIcarus, a distributed denial-of-service (DDoS) campaign conducted by the hacktivist collectives Anonymous and Ghost Squad. This incident occurred during the operation's active phase following its March 2016 relaunch, prior to the May 13-15, 2016 attacks on other financial institutions detailed in contemporaneous reports. Attackers employed high-volume DDoS assaults reaching 250 Gbps, a consistent tactic used throughout OpIcarus against multiple central banking targets. The bank's website was forced offline during the attack period, though the specific outage duration was not quantified in available reporting. This targeting aligned with the operation's broader pattern of attacking national financial infrastructure rather than breaching internal networks or stealing funds.

Operation OpIcarus impacted at least 14 central banks and monetary authorities globally between March and May 2016, with the Central Bank of South Korea among the earlier confirmed targets. The attackers publicly framed these actions as retaliation against perceived financial system corruption and solidarity with global protest movements, though no bank-specific justification was provided for the South Korean targeting. By the May 15 reporting date, all affected banking websites, including previous targets like South Korea's, had been restored to normal operation. The incident formed part of a coordinated sequence of attacks that escalated in frequency and scale throughout spring 2016, culminating in the simultaneous targeting of five additional banks during the mid-May attack wave. No data breaches or financial thefts were explicitly linked to these DDoS incidents at any of the affected institutions.
