tag:blogger.com,1999:blog-36405856.post2977884312542609831..comments2024-03-26T03:31:06.199-04:00Comments on Ask a Korean!: Just How Formidable are North Korea's Hackers?T.K. (Ask a Korean!)http://www.blogger.com/profile/07663422474464557214noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-36405856.post-24132191728676291802013-04-01T14:37:00.204-04:002013-04-01T14:37:00.204-04:00In reading some of the security blog entries, ther...In reading some of the security blog entries, there's good reason to be hesitant to conclude that the North Korean military launched the cyberattacks. The DarkSeoul trojans were targeted at South Korean banks, and did interfere with antivirus software common in South Korea (AhnLab and Hauri AV), but that alone does not constitute any proof. It may be that the cyberattackers decided on the timing because the heightened tensions with the North would distract investigators.<br /><br />Also, trojans targeting banking institutions have been used to cover up fraudulent wire transactions. The diversion created by the cyberattack distracts the IT staff from noticing the fraudulent activity at the time and creates a mass of server log data that can hide the traffic of the real attack.<br /><br />The fact that media organizations were also affected doesn't preclude a financial attack either. The attackers could have included media organizations as a ruse to confuse investigators further, or they may have been incidentally affected as people in the newsroom were following leads on the story of the banking attack as it progressed.<br /><br />According to SophosLabs, the trojan was not that sophisticated, and had been detectable for some time.<br /><br />Cisco and SophosLabs blogs document some of the initial research:<br />http://blogs.cisco.com/security/thoughts-on-darkseoul-data-sharing-and-targeted-attackers/<br />http://nakedsecurity.sophos.com/2013/03/20/south-korea-cyber-attack/<br /><br />Anyway, the investigation could ultimately end up proving a state-sponsored attack, it's just important not to immediately jump to that conclusion since there are other equally plausible scenarios.<br /><br /><br /><br /><br />Anonymoushttps://www.blogger.com/profile/12753984538284055900noreply@blogger.comtag:blogger.com,1999:blog-36405856.post-86365858888318264832013-04-01T03:10:53.841-04:002013-04-01T03:10:53.841-04:00nknews.org is pretty good. I know the Korean has r...nknews.org is pretty good. I know the Korean has referenced them before.Anonymoushttps://www.blogger.com/profile/10031638403798681959noreply@blogger.comtag:blogger.com,1999:blog-36405856.post-19631391267988593182013-03-31T09:32:25.490-04:002013-03-31T09:32:25.490-04:00Here is a TED talk from a girl who managed to esca...Here is a TED talk from a girl who managed to escape from North Korea:<br />http://www.ted.com/talks/hyeonseo_lee_my_escape_from_north_korea.htmlVBhttps://www.blogger.com/profile/12803121458189359614noreply@blogger.comtag:blogger.com,1999:blog-36405856.post-69978538698538042012013-03-31T00:47:02.010-04:002013-03-31T00:47:02.010-04:00What would you consider a good, reliable source fo...What would you consider a good, reliable source for North Korea related news in English?Lindseyhttps://www.blogger.com/profile/06750056144056112266noreply@blogger.comtag:blogger.com,1999:blog-36405856.post-68548618844334420292013-03-30T01:06:33.634-04:002013-03-30T01:06:33.634-04:00Basic computer attacks are as simple as renting ti...Basic computer attacks are as simple as renting time on a botnet and launching a DDoS, or pointing and clicking with automated tools. There is no skill required. Such attacks are an everyday occurrence.<br /><br />Developing skilled computer attackers would require finding people who think outside the box and giving them unfiltered Internet access. Even free countries have uneasy relationships with such people. Unknownhttps://www.blogger.com/profile/11628478698219061504noreply@blogger.com