Qioptiq logo Raytheon

CYBER WARFARE UPDATE

03 May 11. North Korea was behind a cyber attack that crippled one of South Korea’s major commercial banks last month, prosecutors said Tuesday, in a high-profile case that has fueled concerns about corporate online security in the South. National Agricultural Cooperative Federation, or Nonghyup, was forced to shut down its servers last month after hackers took control of the laptop of an IT security worker, which was then used to delete information on the servers. Some 30 million customers at the bank were affected, with some unable to use their accounts for several days. Nonghyup has said it may never be able to fully recover all the data that have been lost. The Seoul Central District Prosecutors’ Office said one of the IP addresses of an overseas server used for the attack matched one used in a previous cyber attack attributed to North Korea. The prosecutor’s office also noted similarities in methods for the attack, including how malicious codes were planted in the compromised laptop. (Source: WSJ)

02 May 11. Traffic to online news sites spiked late Sunday night at 4.1 million page views per minute, driven by the news of the death of Osama bin Laden in Pakistan, according to content delivery company Akamai Technologies. Hackers also are taking advantage of the attention generated by the story, researchers report. A malicious link to a fake video has appeared on Facebook and the blog site of a man who apparently tweeted the bin Laden attack live has been found to be compromised with a malicious exploit kit, according to the security company Websense Security Labs.
“It’s not a high-profile site,” said Patrik Runald, senior manager of security research at Websense. But when breaking news stories began driving traffic to it, it came up dirty in a scan by the Websense Threat Seek Network, which identifies malicious and compromised sites.
Bin Laden was killed in a raid by U.S. forces at his hideout in Abbottabad, about 72 miles north of Islamabad, Pakistan’s capital.
“Cybercriminals are constantly exploiting where the masses go, and news on Osama bin Laden’s death is no exception,” Runald said. “We wanted to warn everyone looking for news on Osama bin Laden’s death to be cautious when clicking on new links.”
The threat is not merely from criminal hackers, said national security expert Seyom Brown, director of Studies at Tower Center of Southern Methodist University in Dallas.
“Putting it in the larger campaign against al Qaeda, the decapitation of the terrorist movement comes at a time of its substantial decentralization and global dispersal; thus, the danger of further terrorist attacks is not necessarily suddenly reduced,” Brown said. “Great vigilance against retaliatory revenge attacks is especially needed over the next weeks and months.”
Those attacks could come in the form of a cyber assault, he said. “We should not fall into the trap of assuming that our defenses can overwhelm the offense. We have to understand that we are going to be vulnerable.”
Brown said that cyber attacks lend themselves to the kind of undeclared conflicts now taking place in the Middle East and North Africa, providing ways for a nation to effectively target infrastructure such as a command-and-control networks while minimizing civilian casualties. Those capabilities also could be used against the United States, he said.
“I think others will find it attractive,” he said. “It is going to be part of the ongoing security environment in the decades ahead.” (Source: GCN)

Back to article list