Showing posts with label south korea. Show all posts
Showing posts with label south korea. Show all posts

Saturday, July 03, 2010

North Korea Not Believed to Be Responible for 2009 Attacks

A series of attacks targeting U.S. government and South Korean web sites during early July of 2009 were initially blamed on North Korea:
"In the days after the fast-moving, widespread attack, analysis pointed to North Korea as the likely starting point because code used in the attack included Korean language and other indicators."
But according to unnamed "cybersecurity experts" in the article this no longer appears to be the case. Of course, with the same type of flawed analysis, the "experts" can now speculate who else might be involved:
"These officials point suspicions at South Koreans, possibly activists, who are concerned about the threat from North Korea and would be looking to ramp up antagonism toward their neighbor."
The article, as usual, provides little to no details that can be independently analyzed and appears to be confused about the exact nature of the attack, The article first describes the attacks as "...crippling strikes, known as "denial of service" attacks" but later says "...the attacks were largely restricted to vandalizing the public Web pages..." of the victims.

That confusion aside, this is another classic case of "cybersecurity experts" trying to use only technical analysis to determine motive. By itself, it just doesn't work (see Analyzing the Google Attacks - Plenty of Room for Mistakes). To assume that the use of the Korean language in attack code implies the source is North (or South) Korea is a very weak inference. It might be true but other explanations (such as a Korean national in San Francisco or a Korean speaker in Japan) are equally likely.

It requires more than a few technical indicators to develop a strong case showing source and motive.

US largely ruling out NKorea in 2009 cyberattacks
Posted by at No comments:
Labels: , , ,

Wednesday, October 15, 2008

Computer Intrusions Rise to the Attention of South Korea's Prime Minister

The Prime Minister of South Korea has issued a warning to his cabinet on the growing threat of network intrusions from North Korea and China targeting government information:
"The National Intelligence Service (NIS), Seoul's main spy agency, said it had told [South Korean Prime Minister Han Seung-Soo] that about 130,000 items of government information had been hacked over the past four years."
and;
"The documents largely focused on foreign policy and national security, he [A NIS spokesman] added without elaborating."


SKorean PM warns of hacking threat by NKorea, China (AFP)
Posted by at No comments:
Labels: , , ,

Wednesday, October 01, 2008

South Korean Missile Manufacturer Compromised with Malicious Code

This article provides very little information about an alleged breach of computer systems at South Korean guided missile manufacturer, LIGNex1 Hyundai Heavy Industries.

The report states that malicious code was planted "through which they stolen [sic] information.
"A spokesperson said: “The research institute suspects the culprits are Chinese or North Korean hackers but doesn't know specifically what information they stole. In the worst case, the blueprints of missiles and Aegis ship could have been stolen."


South Korean defence suppliers uncover malicious code
Posted by at No comments:
Labels: , , ,

Monday, October 01, 2007

South Korean Government Cracks Down on Anti-Draft Websites

AFP reports on efforts by the South Korean Government to block websites that advise citizens how to avoid the draft in the ROK.

Letters were sent to major Internet providers requesting the sites be taken down.

SKorea cracks down on Internet draft-dodgers
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)