Famous Domestic Financial Security Certificate 'S/W Security' Breached
North Korea Hacks PCs of Public Institutions, Defense, and Bio Companies
National Intelligence Service "Concerns of Additional Damage... Urges Security Updates"
North Korea was caught by the National Intelligence Service (NIS) while conducting hacking attacks such as hacking PCs or distributing malware by exploiting security vulnerabilities in financial security authentication software (S/W) used for internet banking. The intelligence authorities disclosed this fact through a public security advisory to prevent further damage.
On the 30th, the NIS announced that, together with related organizations such as the National Police Agency, Korea Internet & Security Agency (KISA), and the National Security Technology Research Institute, it confirmed that North Korea exploited vulnerabilities in software from a well-known domestic financial security certificate company at the end of last year, hacking more than 210 PCs across about 60 major domestic and international institutions including government and public institutions, defense, and bio companies.
North Korean hacking
An NIS official explained, "We are disclosing the related facts jointly detected with relevant agencies to prevent the damage from spreading on a large scale," and added, "We urge the public to promptly update the financial security authentication software."
According to the NIS, the software from company A, a well-known domestic financial security certificate provider exploited in the hacking, is a program related to electronic finance and public sector certificates, estimated to be installed on more than 10 million institution, company, and personal PCs both domestically and internationally. After recognizing North Korea's attack at the end of last year, the NIS began emergency response in January this year and completed a detailed analysis of the malware's operating principles. Based on the analysis data, they cooperated with company A to conduct actual attack-defense demonstrations and have completed the development of security patches.
An NIS official said, "We are currently implementing security patches for public and financial institutions using the program in cooperation with related agencies," and reiterated, "We ask the public to promptly update their security programs to the latest version."
Furthermore, the NIS is paying attention to the increasing trend of North Korea's organized hacking attempts targeting vulnerabilities in financial security software, and plans to hold a 'Related Agencies Meeting for Preventing Financial Security S/W Breach Incidents' at the Cybersecurity Cooperation Center on the 5th of next month with related organizations. The meeting will include government agencies such as the Ministry of Science and ICT, National Police Agency, KISA, Financial Supervisory Service, Financial Security Institute, and 12 financial security S/W manufacturers.
An NIS official stated, "Thanks to close cooperation with the National Police Agency, KISA, and others, we were able to respond quickly to North Korea's cyberattacks," and added, "We will continue to proactively respond to North Korea's hacking threats through active information cooperation, such as sharing the latest hacking cases with related agencies."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
