South Korean authorities have said that hackers working for the North Korean government have targeted at least 982 foreign policy experts — mostly think tanks and academics — since April.
Experts were sent phishing emails purporting to come from political figures in South Korea. Instead, they contained links to fake sites or viruses in attachments. Although this is a fairly popular method of infecting victims’ computers, hackers managed to hack several experts.
As a result, personal data of several well-known experts was stolen and e-mail lists were compromised, and another 13 companies (mostly online stores) became victims of ransomware. And while police say only 49 users gave their credentials to the fake sites and only two companies paid the $2.5 million ($1,980) ransom, it’s hard to gauge the full extent of the fallout.
It is not known what other resources North Korean hackers may have accessed during the latest campaign, but it is clear that this is not the last cyberattack on the southern neighbor. In the past, attackers posed as “security researchers” to gain the trust of potential victims, and even used the Itaewon Halloween tragedy to install malware on computers in South Korea.
Course
TEAM MANAGEMENT
Gather your dream team and lead them towards a common goal.
REGISTER!
North Korea used zero-day vulnerability in Internet Explorer to attack South Korea – Google
Over the years, North Korea has focused heavily on cyber warfare, although it has tried to deter foreign forces through more traditional methods, such as developing nuclear weapons. North Korea also distinguished itself this week by directing its drones toward South Korea, which was immediately reported by Seoul officials. South Korea, which immediately launched its fighter jets and fired more than 100 rounds, failed to shoot down any of the enemy drones (one has now returned to the DPRK, where the remaining 4 are unknown). It is also unclear whether the UAVs were armed, but South Korean officials say they were modest in size.
Cyber attacks have also been a major source of revenue for North Korea, which is in a perpetual financial crisis and largely cut off from global markets. North Korean hackers are estimated to have stolen $1.72 billion worth of cryptocurrencies since 2017.
Although the hackers covered their tracks pretty well – the targets, tactics and IP addresses led police to believe they were the same group that hacked Korea Hydro & Nuclear Power of electricity in the country) in 2014. They also believe that hackers will not stop their activities just because their efforts are exposed. South Korean authorities have urged people, especially those working in the technology and government sectors, to increase security measures and be extra vigilant.
Source: Engadget
