Investigators looking into last week’s cyber attack on South Korean banks and broadcasters have reportedly found more IP (Internet Protocol) addresses linked to the attacks, but one security expert I spoke to said that might mean nothing.
The National Police Agency said it has traced some of the malicious code to addresses in the United States and three European countries, according to Yonhap. No further details were released by the NPA.
The news comes after investigators last week publicly announced a Chinese address as linked to the attack, but then withdrew the accusation a day later. It turned out the address was correct and, when More >
The mysterious cyber attack that hit an estimated 32,000 computers at South Korean TV stations and banks last week is looking more interesting, based on the latest analysis from computer security companies.
The first immediate analysis concluded that the malicious software was pretty unsophisticated, in part because it was based on a piece of malware that has been known for a year or so and because the commands in the code were not hidden.
That still seems to be true, but more data about the malware is coming out as researchers spend more time with it.
The podcast is advertised on the front page of the website with a link that jumps to an Apple iTunes page. The page currently carries ten episodes of the podcast, which is entirely in Korean and combines spoken word with music.
The episodes were uploaded between February 20 and 23 this year and range between 3 minutes and 22 minutes long. There haven’t been any updates in the last month.
It’s classified in the “News and Politics” section of iTunes’ More >
A cyber attack on three of South Korea’s major broadcasters and several of its major banks appears to have been caused by a relatively unsophisticated piece of software, security researchers said Wednesday. [Story updated, see below]
The attacks, which began at around 2pm local time on Wednesday (5:00 UTC) left desktop and laptop computers unable to start at KBS, MBC and YTN and took the auto-teller machines at Shinhan Bank and Nonghyup Bank offline. It didn’t affect the ability of the TV stations to put out programming.
An apparently sophisticated and coordinated cyber attack has caused widespread disruption to computer networks and three of South Koreas largest broadcasters and two of the country’s banks.
The attack first showed itself at 2pm on Wednesday when computers at KBS, MBC and YTN shutdown. Upon restarting, the computers displayed error messages saying they were unable to boot. Apparently the boot record or entire operating system has been removed from the computers.
ATMs and online banking service at Shinhan More >
Last week’s Internet outage that pushed North Korean websites offline for almost two days was probably caused by a problem inside the country, not on an external connection, an Internet researcher said Monday.
“The impacted equipment was within North Korea,” said Doug Madory, a senior research engineer at Renesys. On Friday, he published a detailed look at the way the outage looked from the network level.
North Korea is connected to the Internet via two links and because the problems were observed on both connections, it stands to reason the problem was on the North Korean side, he said.
Data traffic instability on both More >
There were no other details of the tests included in the report, which was carried by the Korea Computer Center’s Naenara portal as part of an article on upgrades to the country’s telecommunications systems.
“On the basis of the trial introduction of digital TV broadcasting last year the ministry is working to lay the material and technical foundation for applying it stage by stage while developing programs and introducing facilities,” the report said.
State media isn’t believed to have reported on the trials in the past.
A switch More >
The Internet disruption that affected North Korea’s Internet link earlier this week lasted almost two days, an Internet monitoring company said Friday.
It began just before 0100 GMT on Wednesday — that’s 10am local time — and continued for much of the next day and a half. It then took several hours for traffic levels and response times to get back to normal, said Internet network monitoring company Renesys.
The country typically relies on a link via China Unicom to connect to the rest of the world and this disappeared from global routing tables when the outage began, said Renesys. Routing tables are constantly More >
North Korea’s state-run news agency accused the U.S. and its allies of being behind a series of cyberattacks that have forced its web sites offline for much of the last two days.
“Intensive and persistent virus attacks are being made every day on internet servers operated by the DPRK. These cannot be construed otherwise than despicable and base acts of the hostile forces consternated by the toughest measures taken by the DPRK after launching an all-out action,” the news agency said in a commentary.
The report represents the first recognition by North Korean state media of the cyberattacks.
The handful of web sites More >
Fresh from becoming the first person to tweet and Instragram on Koryolink’s new 3G data service, Associated Press Korea Bureau Chief Jean Lee was at the SXSW Interactive event to speak about social media in the DPRK.
She’s a great person to speak to on the subject.
Her pioneering posting as the first accredited correspondent of any western news organization in Pyongyang has seen her make numerous trips to the country. The opening up of the 3G network to tourists and then a few weeks later data service for foreigners — a story she broke — was widely followed.
As with just about More >