North Korean hackers are targeting South Korean Internet users with emails that purport to be updates on the MERS (Middle East Respitory Syndrome) virus, according to broadcaster KBS. [Update: See below]
A major outbreak of MERS has killed at least 14 people in the country, sickened 138 people and has close to 4,000 people in isolation so interest in the issue is high.
On Friday, KBS said a trojan virus in the emails had been traced back to North Korea.
In late December, just a few days after the U.S. government accused North Korea of being behind the hack on Sony Pictures Entertainment, North Korea’s sole connection to the Internet was disrupted for nine and a half hours.
At the time, there was speculation that the American government might be behind the action, especially as President Barack Obama had promised retaliation, but it was equally possible that a third-party group or technical problems were to blame. After all, it was far from the first time that North Korea’s Internet connection has gone down. More >
North Korea didn’t get a direct mention during President Obama’s State of the Union address on January 20, but Obama did take on the issue of computer hacking — something that has been put on the U.S. agenda since the November 2014 attack on Sony Pictures.
The U.S. government has blamed North Korea for the action and he mentioned nation-state attacks during the speech.
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids,” Obama said. “We are making sure our government integrates intelligence to combat cyber threats, just as we have done to combat terrorism.” More >
Hackers have hit a Facebook page for North Korean airline Air Koryo replacing it with messages in support of Islamic State militants and against North Korean leader Kim Jong Un.
The page shot to fame earlier in the year when it began replying to user comments and questions about trips to North Korea. It claimed to be the airline’s official page, but appeared to be run by an Air Koryo agent in Russia.
The hack came a day after a similar attack on the Facebook and Twitter pages of U.S. Central Command. Hackers typically gain access to Facebook accounts by tricking users into giving away their passwords or by gaining access to their email accounts and then sending password reset messages. More >
The U.S. government has announced additional sanctions on North Korea as a result of the cyber-attack on Sony Pictures.
The sanctions are the first official U.S. response to the attack, for which the investigation continues but North Korea has already been named responsible by the Federal Bureau of Investigation.
In announcing the measures, President Obama said they were being imposed for “the provocative, destabilizing, and repressive actions and policies of the Government of North Korea, including its destructive, coercive cyber-related actions during November and December 2014, actions in violation of UNSCRs 1718, 1874, 2087, and 2094, and commission of serious human rights abuses.” More >
The State Department said Monday that it remains confident in the Federal Bureau of Investigation’s conclusion that North Korea was responsible for the cyber attack on Sony — despite a growing number of voices saying that might not be the case.
There has been some skepticism about North Korea’s involvement since the first reports earlier in December and that has increased in the last week.
- Linguistic analysis of the English suggests a Russian speaker, not a Korean
- The IP addresses used by the hackers were on compromised machines that could have been used by anyone.
- One of the latest reports suggests that a former Sony employee might have been involved, with a small group of others.
North Korea’s Internet connection with the world suffered outages on December 27 and December 28.
The latest instability on the connection began around 0400 UTC (1 p.m. local time in Pyongyang) on Sunday and continued for a couple of hours, according to monitoring by Dyn Research. The U.S.-based organization recorded several instances in which connections to the four sub-networks that make up the North Korean Internet were completely unavailable.
North Korea has accused the U.S. of disrupting its Internet service and has renewed a call to participate in a joint investigation into claims that it hacked Sony Pictures Entertainment.
[UPDATE: English recording of Voice of Korea added below.]
The country’s websites were offline for more than nine hours on December 22 after an apparent denial of service attack.
In a statement carried by the state-run Korean Central News Agency on Saturday, the country’s National Defence Commission laid blame for the Internet problem at the feet of the U.S., saying the country “started disturbing the internet operation of major media of the DPRK.” More >