Hacking
Exclusive: Nosotek website hacked
Feb 11th
The website of Nosotek, the foreign-North Korean software programming joint venture, has been hacked. The site was hit sometime late Sunday or early Monday and its front page was replaced with a message in French, English and Korean attacking North Korea. [This story has been updated. Please see below.]
“The Democratic People’s Republic of Korea believes in an Atheist system of Communism, and promotes only the worship of its leaders. Why then, does Iran choose to work with them while claiming to be an Islamic state?”
Underneath were a couple of pictures of Kim Jong Un, one of him on a horse More >
Maybe North Korea didn’t hack us after all, says South
Jan 18th
Well, this is a little embarrassing. The presidential transition team that Thursday blamed North Korean hackers for an attack on its press room now says there was no hacking. It all appears to have been a misunderstanding.
Reporting on the reversal, Yonhap quoted an official on the team as saying the allegations stemmed from a disconnect in communications within the team.
“Security authorities had asked the administrative office of the transition committee to advise reporters to use antivirus programs and change passwords often as the press room is vulnerable to outside hacking attempts,” spokesman Yoon Chang-jung said.
“There was some misunderstanding in the course of delivering this,” More >
Suspected DPRK cyber attacks back in the news
Jan 17th
Cyber attacks on South Korean networks suspected to have originated in North Korea are back in the news.
On Thursday, Yonhap News reported that a computer server handling the Internet connection for the press rooms at South Korea’s presidential transition team had been hacked.
The hack, which was not detailed, was detected during a security check by “intelligence authorities,” said Yonhap. Other computers in the transition office had not been hacked, the report said quoting an unnamed official.
The news comes a day after the National Police Agency blamed North Korea for a 2012 attack on the Joong Ang Ilbo newspaper. The NPA said it came to its More >
Japan ties exported PCs to Internet attacks
Mar 14th
Japanese police suspect a consignment of 1,843 used computers and monitors allegedly exported to North Korea could have been used in a 2009 week-long attack on a handful of South Korean and U.S. websites.
The computers, allegedly exported in violation of Japanese sanctions, were shipped to the Pyongyang Informatics Center (PIC), a unit of the state-run Korea Computer Center (KCC), on June 18, 2009, the Yomiuri Shimbun reported quoting “investigation sources.”
Less than a month later on the July 4 weekend, a distributed denial of service (DDOS) attack targeted 27 South Korean and U.S. websites.
DDOS attacks work by harnessing the power and bandwidth More >
More Tokyo raids over DPRK PC exports
Mar 1st
Police in Tokyo conducted follow-up raids this week on the office of a North Korean-linked science association as part of an investigation into illegal PC exports.
The Korean Association of Science and Technology in Japan (在日本朝鮮人科学技術協会, 재일본조선인과학기술협회) was raided on Tuesday, according to local media reports.
Police were investigating a possible link between the group and Lee Soon Gi, the 49-year old president of used PC equipment seller Popura Tec (website, right), said the Jiji news agency.
Lee was arrested earlier this month along with two others on suspicion of exporting PCs to North Korea in violation of Japan’s trade sanctions.
The science association was formed in More >
VOK on US hacking
Aug 4th
The Voice of Korea, North Korea’s international radio broadcaster, recently aired a commentary that took aim at several hacking incidents in the U.S., but the true aim of the piece appears to be the U.S. Department of Defense’s recently published Strategy for Operating in Cyberspace.
The U.S. document, a declassified version of which is available online, brings together cyber strategies and thinking throughout the DoD. The classified version also says major cyber attacks can constitute acts of war, according to reports.
The VOK commentary begins with the hack of Fox News’ Twitter stream that saw a message posted that U.S. President Barack More >
North Korea behind March web attacks, says McAfee
Jul 6th
North Korea or parties closely tied to the country were almost certainly behind the March cyber attacks that took down several South Korean websites, according to a report from computer security company McAfee.
The report contains a detailed analysis of the attacks and how they were carried out.
Working with the governments of both South Korea and the U.S., the company reverse engineered the computer code used in the attacks to uncover its inner workings.
Infected computers that launched the attacks were controlled by two tiers of command server, communications between the systems was encrypted in several different systems and the whole network More >
North Korea’s Chinese IP addresses
Jun 26th
Cyber attacks against South Korean organizations have been much in the headlines in recent weeks. With each attempt to crash a web server, phish for private information or infiltrate a computer in South Korea, the country’s government points its finger of blame towards North Korea, but concrete evidence is often thin on the ground.
Investigators will typically try to trace a cyber attack by discovering the IP (Internet protocol) address from which it originated. Every computer on the Internet has such an address and discovering the source address will typically help identify the organization or service provider network from which the More >
Defector claims up to 3,000 hackers in North Korea
Jun 2nd
North Korea is continuing to strengthen its ranks of elite hackers and could have up to 3,000 of them, a North Korean defector said in Seoul on Wednesday. (Update: New information below)
Kim Heung-kwang, a former professor at Pyongyang Computer Technology University and member of the North Korea Intellectuals Solidarity group, told a cyber security conference that North Korea likely has around 3,000 hackers, according to local news reports.
The state previously had around 500, but raised the number last year when the cyber warfare unit saw its status raised, Yonhap reported him as saying. The unit sits under the Reconnaissance General More >
South suspects North in military spamming
Jun 1st
South Korean military personnel have been warned against opening suspicious e-mails and attachments as Seoul worries North Korea is further expanding its hacking activities, according to several media reports this week.
Around 60 officers who graduated from Seoul’s Korea Military Academy received e-mails that purported to be from fellow graduates, reports The Korea Herald.
The messages were sent from Hanmail accounts and four of the addresses used were “1co3p@hanmail.net,” “hoyon1241@hanmail.net,” “fmcph@hanmail.net” and “yeobdu@hanmail.net,” said The Seoul Shimun. The messages contained malicious code in attachments.
Breaking into personal computers through such spam mail is a tried and tested method for hackers all over the More >
