Friday, June 22, 2012

South Korea facing North Korean cyber attack campagin

South Korea is facing an increasing onslaught of cyber attacks from North Korea. Below is a list of the most recent significant incidents. This is a useful tactic for North Korea as it is difficult for South Korea to respond.North Korea has little Internet infrastructure to attack via computer network operations(CNO) and it would take an extreme North Korean attack involving loss of life to prompt South Korea responding militarily. South Korea, one of the most networked countries on Earth, has to just play defense and take the hits.

June 2012, South Korean Newspaper JoongAng Ilbo
In June 2012 cyber actors linked to North Korea attempted to destroy the newspaper's article database and the editing system which moves articles through the paper's intranet. Link. Previous blog entry.

April 2011, South Korean National Agricultural Co-operative Federation(NACF, Nonghyup Bank)
In April 2011 cyber actors linked to North Korea destroyed 100s of the Nonghyup Bank's internal computer servers disrupting banking services for millions of customers for over a week. Link.

March 2011, DDoS against South Korean websites
In March 2011 an advanced DDoS attack was launched against a number of South Korean websites, the computers used by the botnet which launched the attack were rendered unusable after the attack by overwriting the hard drive's Master Boot Record(MBR). Link.
The attacks in March were also linked to a covert North Korean operation to import computer games containing malware into South Korea. Link.

July 2009 DDoS against South Korean and US websites
In July 2009 several waves of DDoS attacks targeted South Korean and US websites. Link.

Further reading

"Increasing concerns regarding cyber warfare capabilities of North Korea", Security Affairs Blog
"North Korea's cyber warfare strength grows", Bloomberg News
"North Korea's IP address space"North Korean Tech blog

No comments:

Post a Comment