Last week, Korea Hydro and Nuclear Power, which runs South Korea's 23 nuclear plants, suffered a security breach in which personnel records, public health monitoring data, and reactor designs were obtained from the company's systems and posted online. The attacker, which linked to the materials on an anti-nuclear activist site, also threatened to release further information unless three of the company's plants were shut down by tomorrow.

Now, Korean investigators have identified a Chinese IP address as the source of the attacks and are asking the Chinese government for assistance in the investigation.

According to a report in The Korea Times, the attacks were routed through three different VPN service providers in the US, Japan, and Korea. By obtaining these records, the initial IP address that launched the attack were traced to the city of Shenyang, which is on the China-North Korea border. An article from Australia's ABC indicates that this city hosts one end of North Korea's main Internet connection to the outside world, which was severed earlier this week.

A number of sources confirm that South Korea has asked for China's assistance in the matter and quote an unnamed official as saying the country isn't pointing the finger at its neighbor: "There is a possibility that the IP addresses in China are not the final source but used in a routing." But suspicion isn't directed at China itself; rather, it's suspected that North Korean agents were using the Chinese city for their activities.

The Korea Times quotes a senior official at the Supreme Prosecutors' Office as saying, "Shenyang is home to cyber experts dispatched by North Korean authorities," and that, while it's still early in the investigation, "there is a strong possibility that Pyongyang was behind the attack."

China, for its part, is saying that it deplores all hacking. But it has not given any indication that it will cooperate with the South Korean investigation. Meanwhile, Korea Hydro and Nuclear Power is saying that the breached systems are on a separate network from those used to control its plants, and the break in poses no threat to nuclear safety.