South Korean Investigative Authorities Accuse North Korea For Cyber-attack On Nonghyup

By Author: eccuni
Total Articles: 211
Comment this article

Investigators in South Korea have blamed North Korea for the recent cyber-attack on National Agricultural Cooperative Federation (Nonghyup). The cyber-attack led to the disruption of the computer network of the financial institution last month. The cyber-attack paralyzed the Automated Teller Machine (ATM) services and online banking services, which reportedly affected around 20 million customers of Nonghyup. The Seoul Central District Prosecutors’ Office have revealed that an IP address involved in the latest attack, matched with the IP address used in an earlier attack attributed to North Korea. Some reports suggest that alleged IP address pertains to North Korean Reconnaissance General Bureau.

Internet has provided a new and convenient platform for information warfare. The anonymity of the Internet, the availability of the attack toolkits to compromise several computers, the ability to command compromised computers provide opportunity to launch covert attacks on critical infrastructural facilities of rival nations. Attackers located in a particular country may establish command and control servers in other countries ...
... and launch cyber-attacks on a targeted resource. Authorities have blamed cybercriminals affiliated to rival nations for attacks on critical infrastructure facilities in United States (U.S), Canada, Germany, United Kingdom (U.K) and other countries. However, investigators find it difficult to establish state involvement in attacks.

In this case, South Korean investigators revealed that attackers compromised a laptop of an information security professional controlling the Nonghyup server and used the device as a 'zombie' to infect several other computers in the network. Attackers installed malware in the laptop last year and used now to trigger the attack. Earlier this year, around 40 South Korean sites suffered cyber-attacks, which include sites associated with the President's Office, Defense and other government bodies.

Nonghyup is under fire from regulatory authorities for weak IT infrastructure. After the attack, the company plans to invest 510 billion Won to improve IT security by 2015. Organizations must regularly conduct in-depth security evaluation of the IT infrastructure through professionals qualified in computer science degree, penetration testing and security audit.

Organizations must cyber security awareness among employees through training programs, workshops and compulsory e-learning modules. Employees may also undertake online degree programs to improve information security practices.

Government bodies, regulatory agencies, industry and educational institutions must collaborate to initiate new online university degree programs in accordance with latest threats to train and create future cyber warriors.