Posts tagged South Korea

nmap-hacking

North Korean malware hit thousands of phones, says Seoul

0

Malicious software disguised as a computer game could have infected around 20,000 smartphones in South Korea, according to South Korean media reports quoting the country’s spy agency.

The games were offered through South Korean sites between May 19 and September 16 this year, the National Intelligence Service said in a report to parliament.

The apps have since been removed and the actual number of phones infected is unclear.

While phones were infected, the software doesn’t appear to have caused any damage but has left the phones vulnerable to eavesdropping and remote video taping, the reports said.

North Korea has often been blamed for cyber attacks on South Korean companies and institutions, although typically attacks attributed to the country have been launched from personal computers infected with malicious software.

The use of smartphones appears to be a new tactic, but is not surprising. Phones are often connected to the Internet continuously, unlike PCs, and hold a vast amount of personal information about the user.

They have become popular targets for criminals the world over, often with an aim of stealing banking credentials or email passwords.

Ulchi Freedom Guardian means lots of computers

0

As a computer-based war-game, the Ulchi Freedom Guardian exercise that begins this week in South Korea requires lots and lots of computers.

In pictures released Thursday by the U.S. Department of Defense, some of those computers and the complexity of the set-up can be seen. The images and a video show the inside of the Joint Operations Center for the exercise. It was built by the U.S. I Corps and Third Army of South Korea.

Lt. Gen. Stephen Lanza, I Corps Commanding General, is briefed by his staff in the I Corps joint operations center in Camp Yongin, South Korea, during a combined arms rehearsal meeting Aug. 21. (DOD Photo / Daniel Schroeder)

Lt. Gen. Stephen Lanza, I Corps Commanding General, is briefed by his staff in the I Corps joint operations center in Camp Yongin, South Korea, during a combined arms rehearsal meeting Aug. 21. (DOD Photo / Daniel Schroeder)

There are “multiple” other such sites across the country, according to the Department of Defense.

U.S. service members, 1st Canadian Division troops and soldiers from the Third Republic of Korea Army work side-by-side in the I Corps joint operations center in Camp Yongin, South Korea during a combined arms rehearsal meeting Aug. 21. (DOD Photo / Daniel Schroeder)

U.S. service members, 1st Canadian Division troops and soldiers from the Third Republic of Korea Army work side-by-side in the I Corps joint operations center in Camp Yongin, South Korea during a combined arms rehearsal meeting Aug. 21. (DOD Photo / Daniel Schroeder)

The exercise, which has drawn criticism from North Korea, brings together approximately 30,000 U.S. troops and others from the South Korean military and a number of other countries.

It’s described as a defense-oriented command and control exercise that enhances the combat readiness of South Korea.

A drone found crashed in South Korea (Photo: Korean Ministry of Defense)

North again denies involvement with drones

2

North Korea strongly denied again on Sunday having anything to do with unmanned aircraft discovered crashed on the South Korean side of the inter-Korean border.

Last week, the South Korean government said it had concluded an investigation into the incident and concluded the three drones were launched from North Korea.

Among its evidence, Seoul said the onboard computer contained a program to fly from North Korea over the south and then back again.

North Korea’s National Defence Commission, through an article sent on the official Korean Central News Agency, called the investigation a “farce” and said it had been implicated to “do harm to its fellow countrymen in the north and invent a pretext for escalating the confrontation in a back room.”

A drone found crashed in South Korea (Photo: Korean Ministry of Defense)

A drone found crashed in South Korea (Photo: Korean Ministry of Defense)

North Korea’s denial isn’t a surprise.

In mid-April after South Korean officials released preliminary details of their investigation into the drones, the National Defence Commission first called the statements “false.”

What remains to be explained is a close similarity between the drones found in South Korea and a Chinese drone called the Sky-09P.

Two companies advertise the Sky-09P drone on their websites: China TranComm Technologies and Taiyuan Navigation Friend Aviation Technology. Pictures of the Chinese drone show it shares many of the same external features as one of the models of drone found in South Korea.

Similarities are highlighted between the Sky-09P drone and a drone found crashed in South Korea.

Similarities are highlighted between the Sky-09P drone and a drone found crashed in South Korea.

 

140113-ijuche

IJuche app banned in South Korea

1

140113-ijuche-iphoneA recently-launched iPhone app that delivers articles from the Korean Central News Agency to iPhones and iPads has been banned in South Korea.

The app, iJuche, was developed and published in late 2013 and was highlighted on NorthKoreaTech earlier this week. That publicity was apparently enough to get it blocked.

“I just got a call from a person at Apple informing me that iJuche has been found to be in violation of South Korea’s “National Security Law” and has been removed from the South Korean App Store,” said Peter Curtis, the developer of the app.

Users in South Korea that have already downloaded a copy of iJuche, or those with App Store subscriptions in other countries, should still be able to access news through the app, but new users won’t find it available for download in the Korean App Store.

South Korea’s National Security Law is a decades-old law that bans anti-state acts that endanger national security. In recent years, this has been used to ban the redistribution of North Korean propaganda on the Internet.

That means many websites from North Korean and those sympathetic to the country are blocked from local Internet users. It’s also been used to prosecute local Internet users who re-distribute North Korean content, sometimes by simply posting it on a website.

The law has many critics who maintain it restricts freedom of speech and doesn’t belong in a modern, developed society like the South Korea of today.

 

To-date, most of the sites and services blocked under the law have been those in Korean, although late last year a portion of the NK News website was also cut off from South Korean Internet connections.

KCNA Watch, a service developed by New Zealand-based Frank Feinstein, collates the daily output of KCNA from its website and makes it easy to navigate and search. It’s often easier to find articles on KCNA Watch than through the official KCNA website, and Feinstein’s site maintains the original versions of stories.

The importance of that feature was highlighted last month when KCNA deleted hundreds of articles mentioning Jang Song Thaek, the purged uncle of Kim Jong Un. The articles remain available through KCNA Watch.

140113-ijuche-ipad

korea-police

Report: South Korean arrested for aiding North’s spy bureau

1

A South Korean businessman has been arrested by local authorities on suspicion of passing classified information and video and audio system technology to North Korea, Yonhap reported on Saturday.

The report said the suspect, identified only as a 54-year-old man called “Kang,” worked with agents of North Korea’s Reconnaissance General Bureau to pass the information. He regularly traveled to China and made contact with the agents directly and through email.

Few other pieces of information were available.

The case could be interesting because the Reconnaissance General Bureau is the Korean People’s Army unit responsible for spying activities, including infiltration of South Korea and electronic surveillance.

I mentioned it in February last year when writing about a large satellite monitoring station on the outskirts of Pyongyang. The monitoring station is located close to the bureau’s headquarters.

As noted in that article, the Reconnaissance General Bureau was named in U.S. Executive Order 13382 that set out trade sanctions. Here’s what the U.S. government said about it in August 2010:

The Reconnaissance General Bureau is North Korea’s premiere intelligence organization, created in early 2009 by the merger of existing intelligence organizations from the Korean Workers’ Party, the Operations Department and Office 35, and the Reconnaissance Bureau of the Korean People’s Army. RGB trades in conventional arms and controls the North Korean conventional arms firm Green Pine Associated Corporation (Green Pine), which was also identified for sanctions by the President today for exporting arms or related materiel from North Korea.

Its headquarters were located after TV footage was broadcast of a visit there by Kim Jong Il in early 2010.

The unit was reorganized in 2009/10 and 38 North published an extensive analysis:

Recent changes during 2009-2010—the most dramatic reorganization in years— seem to have been implemented to unify all the intelligence and internal security services directly under the National Defense Commission (NDC) and to secure the position of Kim Chong-il’s son, Kim Chong-un, as his successor. — 38 North Special Report

131011-freedom-house-logo

South Korea’s Internet only “partly free,” says Freedom House

0

Despite living in one of the most wired societies in the world, South Korean Internet users enjoy a “partly free” Internet due to government censorship of content, according to the results of a global survey on Internet freedom.

Censorship of content, which includes many websites that carry North Korean content, has shot up in recent years.

The government’s own figures show 25,706 items were blocked in the first six months of 2013, compared to 39,296 sites in all of 2012. Five years ago in 2008, just 4,731 sites were blocked.

The censorship led Freedom House to score the country 32 points in its annual Internet freedom ranking. The score runs from 0 to 100 with a lower number signifying more freedom. South Korea’s score is a rise of 2 points from its score of 34 points last year.

The nation comes in position 20 on the ranking of 60 countries, equal with Brazil. North Korea is not included in the survey.

The score partly reflected the South Korean government’s attitude towards North Korean content.

Users are blocked from viewing websites based in North Korea or many of the pro-regime sites based in other countries. Censorship is particularly strong of Korean-language content and mirrors the government jamming or North Korean radio signals, much of which takes place under the name of the National Security Law.

Attempts to access banned content are re-directed to a “warning” page.

The Korea Communications Standards Commission's website presented to Internet users who attempt to access censored websites.

The Korea Communications Standards Commission’s website presented to Internet users who attempt to access censored websites.

The report includes an outline of the online review and censorship process carried out by the Korea Communications and Standards Commission.

Meetings are held every two weeks at which commissioners discuss flagged cases, which include content found by monitors and submitted by Internet users. The content runs the gamut from pornography to political discussion and the commissioners make recommendations on what should be deleted or blocked. Compliance is almost universal, even though the recommendations are not legally binding.

A blimp is launched at Camp Julien in September 2010 to provide security forces with extra surveillance around the Afghanistan's parliamentary elections. (File / U.S. Army / Master Sgt. Travis Vallery)

Read more: http://www.dvidshub.net/image/318975/new-security-measure-place-afghanistan-elections#.Ukqv5GRgYbc#ixzz2gT64F7kC

South Korea eyes high-tech blimps at the border

1
A blimp lifts off from its launch pad at Forward Operating Base Shank, Logar province, Afghanistan, on July 31. (File / US Army photo / Spc. Theodore Schmidt)

A blimp lifts off from its launch pad at Forward Operating Base Shank, Logar province, Afghanistan, on July 31. (File Photo: US Army / Spc. Theodore Schmidt)

South Korean defense officials plan to soon launch a high-tech blimp just south of the disputed maritime border with North Korea in November to get a better look into the neighboring country, according to a report in Stars and Stripes.

The airship will hover over the island group that includes Yeonpyong, which is the island that was shelled by North Korean forces in 2010 resulting in the deaths of four South Koreans.

The newspaper quoted a spokesman for the South Korean Defense Acquisition Program Administration (DAPA) as saying the $22 million blimp would provide surveillance of areas that are at present outside the coverage of the South Korean military’s monitoring network.

The U.S. military has been using airships in the Middle East since 2010, where they monitor the areas around military bases in Afghanistan.

The U.S. craft — officially called the Precision Threat Detection System — are equipped with a camera that can provide a 360 degree, all-weather view of the surrounding area in both daytime and nighttime.

Lockheed Martin makes the system used in Afghanistan but the South Korean system is of domestic origin. A photo released by the South Korean military shows the design of the craft is slightly different from that employed in Afghanistan.

It was due to already be in the air, but problems with a data transmission system have delayed its deployment, Yonhap News reported in early September. Now, the DAPA official told Stars and Stripes it could be in the air as early as November.

A blimp undergoes tests before deployment to the disputed maritime border between North and South Korea (Photo courtesy: South Korean Defense Acquisition Program Administration)

A blimp undergoes tests before deployment to the disputed maritime border between North and South Korea (Photo courtesy: South Korean Defense Acquisition Program Administration)

The arrival of a blimp at the border will likely spark an attack from North Korea, either in words or more forcefully with weapons. The country typically bristles at the arrival of any new military technology on the Korean peninsula and especially when it comes near to the border.

Baek Youn Hyeong, the South Korean military spokesman quoted by Stars and Stripes, told the newspaper, “If they take military action by attacking it … it would be an act of provocation, and we would have to take appropriate action in response.”

A blimp is launched at Camp Julien in September 2010 to provide security forces with extra surveillance around the Afghanistan's parliamentary elections. (File / U.S. Army / Master Sgt. Travis Vallery) Read more: http://www.dvidshub.net/image/318975/new-security-measure-place-afghanistan-elections#.Ukqv5GRgYbc#ixzz2gT64F7kC

A blimp is launched at Camp Julien in September 2010 to provide security forces with extra surveillance around the Afghanistan’s parliamentary elections. (File Photo: U.S. Army / Master Sgt. Travis Vallery)

A tethered blimp gets an early peek at the rising sun over Camp Marmal in Northern Afghanistan on January 26, 2013. (File / U.S. Air Force / Tech. Sgt. Parker Gyokeres)

A tethered blimp gets an early peek at the rising sun over Camp Marmal in Northern Afghanistan on January 26, 2013. (File Photo: U.S. Air Force / Tech. Sgt. Parker Gyokeres)

130320-kbs-cyber

DPRK protests results of hacking probe

0

The DPRK is loudly protesting the preliminary results of a South Korean investigation that found it was behind widespread computer disruption that hit several TV stations and banks on March 20. [Updated, see below.]

The computer attacks wiped clean the hard disk drives of around 48,000 personal computers and servers inside broadcasters KBS, MBC and YTN, and the Shinhan, Nonghyup and Jeju Banks.

In an almost 2,000 word response carried on the state-run KCNA newswire, the main results of the investigation were picked through and discounted. The article, which came a day after Seoul disclosed its findings, was attributed to a spokesman for the General Staff of the Korean People’s Army.

The South Korean investigation concluded Pyongyang’s involvement based on some key points:

The first was the disclosure, apparently in error, of an Internet address being used by a hacker in the weeks before the attacks. The address fell within a batch used exclusively by North Korea and was only visible for a few minutes before being hidden, the report said.

On this — as in much of the reply — the KPA spokesman demonstrates a working knowledge of how computer hackers operate.

“It is a common method used by hackers to hide themselves to abuse other’s IP address or fake it up on open internet for hacking. The group claims that a few records of IP addresses by which accesses were made to south Korean computer networks prove that the case was the ‘north’s work.’ This cannot be construed otherwise than evidence of ignorance of how cyber warfare is waged,” KCNA reported.

The next piece of evidence came in the form of software code used to mount the attacks. Of 76 pieces of code recorded, roughly a third were identical to code used in previous hacking attempts against South Korea, the government report said.

“This assertion is utterly baseless,” KCNA quoted the spokesman as saying.

The rebuttal then goes on to assert that South Korea doesn’t really understand how hackers operate. If it did, it wouldn’t have come to its conclusions.

“All this goes to clearly prove that what the group claims is nothing but a sinister plot hatched by those hell-bent on the confrontation with fellow countrymen, bereft of even an elementary concept of the cyber warfare,” the spokesman told KCNA.

The response shouldn’t come as a surprise to anyone that watches the peninsula. It was inevitable whether the DPRK was behind the hacking or not.

What’s more interesting perhaps is that it marks the first time the state-run media has commented on the event in a major way. On March 20 and in the days after, the North Korean government didn’t mention the attacks. Perhaps that’s because this time, unlike after previous computer attacks, the South Korean government didn’t immediately assign blame to the DPRK. But plenty of others in Seoul were pointing their fingers towards Pyongyang.

For whatever reason, North Korea decided to speak up only after the government made its allegations.

[Update]

Here’s what Voice of Korea, the DPRK’s international radio station, had to say about the report:

Go to Top