The recent cyber attacks on South Korea’s banks has made quite a stir in the media. 3 banks services were unavailable for many hours with lingering effects still. Yet when I see a line that supposedly explains the origins, and that line is total and utter bullshit….well, I’m gonna call it.
See, they track who is attacking by IP address. Sure it probably will not be a North Korea IP address and like many other types of attacks, such methods use systems in other places, countries. So they originally blamed the attacked coming from a Chinese IP address. Not surprising really, happens all the time. In fact, there are certain services that blanket-block any/all Asian IPs because of things like this. What really got me is the line where they played on people’s absolute ignorance of how networking works.
The IP address was used only for the company’s internal network and was identical to a public Chinese address.
There is a severe problem with this statement. This situation is completely and utterly impossible to happen. Out of all the original IP(version 4) addresses, 3 ranges are used exclusively to internal networking. These 3 ranges are not ‘routable’, meaning you cannot use them to access the internet.
However, they cannot have IP connectivity to any host outside of the enterprise. source - RFC1918
So, tell me. How can an internet network IP address possibly be the same as an IP address on some external network in China? That’s right, it can’t. Thus I call bullshit.
Still want to believe everything you read in your newspapers?