March 21, 2013

HRNK hacked in broader South Korea cyberattack

The Committee for Human Rights in North Korea (HRNK) website was hacked on March 20th as part of a broader, suspected North Korean cyberattack targeting South Korean banks and news stations.

"Hacked Bye Hitman007::::The Kingdom of morocco" 
South Korea: Chinese Address Source Of Attack 
SEOUL, South Korea (AP) — A Chinese Internet address was the source of a cyberattack on one company hit in a massive network shutdown that affected 32,000 computers at six banks and media companies in South Korea, initial findings indicated Thursday.
It's too early to assign blame — Internet addresses can easily be manipulated and the investigation could take weeks — but suspicion for Wednesday's shutdown quickly fell on North Korea, which has threatened Seoul and Washington with attack in recent days because of anger over U.N. sanctions imposed for its Feb. 12 nuclear test.
South Korean regulators said they believe the attacks came from a "single organization," but they've still not finished investigating what happened at the other companies.
Experts say hackers often attack via computers in other countries to hide their identities. South Korea has previously accused North Korean hackers of using Chinese addresses to infect their networks.
(Read more
Source: NPR, Twin Cities 
Website of North Korea human rights group also hacked
The website of a U.S. group focused on human rights in North Korea was hacked at the same time as a cyberattack on South Korean targets on Wednesday.
Only the website was affected and 'Hitman 007-Kingdom of Morocco' was superimposed on a photo of a political prison camp in North Korea, usually posted on the website, said Greg Scarlatoiu, executive director of the Committee for Human Rights in North Korea (HRNK) in Washington, D.C.
Publications, biodata of the committee's board and staff, and other relevant information were also taken down from the website, and replaced with a "Hitman 007" poster, Scarlatoiu said via email on Wednesday.
[...]
HRNK said it has not identified the source of the attack on its website yet. "We have been able to restore our website, but are still working on changing the coding, and will be unable to post new content for a while," Scarlatoiu said. "We will also do our best to retrieve server logs and pinpoint the origin of the attack."
The attacks, however, occurred the day before the UN Human Rights Council votes on a resolution to establish a Commission of Inquiry on North Korean Human Rights, leading Scarlatoiu to conjecture that it would "not be unreasonable to assume that the entity that originated the attack could have been related to North Korea."
HRNK was the first organization to propose the establishment of a Commission of Inquiry in its 2006 report, called 'Failure to Protect,' he said.
The group has been targeted recently through several email attempts. "These were carefully crafted messages, drafted in fairly decent English, looking almost legit," Scarlatoiu said. "It was all about opening attachments, and fortunately we knew better than doing just that."
 (Read more)
 Source: IDG News Service
Initial investigation links Chinese address to SKorea cyberattack; experts suspect North Korea
SEOUL, South Korea — Investigators have traced a coordinated cyberattack that paralyzed tens of thousands of computers at six South Korean banks and media companies to a Chinese Internet Protocol address, but it was still unclear who orchestrated the attack, authorities in Seoul said Thursday.
The discovery did not erase suspicions that North Korea was to blame. An IP address can provide an important clue as to the location of an Internet-connected computer but can easily be manipulated by hackers operating anywhere in the world. The investigation into Wednesday’s attack could take weeks.
By Thursday, only one of the six targets, Shinhan Bank, was back online and operating regularly. It could be next week before the other companies have fully recovered.
North Korea has threatened Seoul and Washington in recent days over U.N. sanctions imposed for its Feb. 12 nuclear test, and over ongoing U.S.-South Korean military drills. It also threatened revenge after blaming Seoul and Washington for an Internet shutdown that disrupted its own network last week.
(Read more
Source: Washington Post
South Korea: Chinese address source of attack 
SEOUL, SOUTH KOREA (AP) - Investigators have traced a coordinated cyberattack that paralyzed tens of thousands of computers at six South Korean banks and media companies to a Chinese Internet Protocol address, authorities in Seoul said Thursday.
IP addresses, which are unique to each computer connected to the Internet, can easily be manipulated by hackers operating anywhere in the world, and the investigation into who was actually behind Wednesday’s attack and whether they were in China could take weeks. Suspicion for the simultaneous shutdown is still focused on North Korea, which has threatened Seoul and Washington in recent days over U.N. sanctions imposed for its Feb. 12 nuclear test and is accused of waging similar cyberattacks over the past four years.
The cyberattack did not affect the government or military, and there were no immediate reports that customers’ bank records were compromised. But it disabled scores of cash machines across the country, disrupting commerce in this tech-savvy, Internet-dependent country, and renewed questions about South Korea’s Internet security and vulnerability to hackers. 
(Read more
Source: Washington Times 
 U.S.-based civic group on N. Korea under cyberattack
WASHINGTON, March 20 (Yonhap) -- A major U.S. civilian organization campaigning to improve North Korea's human rights record has come under cyberattack, an official said Wednesday amid reports that hackers shut down the computer networks of several South Korean broadcasters and banks.
"The website of the Washington, D.C.-based Committee for Human Rights in North Korea (HRNK) has been hacked by an entity calling itself 'Hitman 007-Kingdom of Morocco,'" said Greg Scarlatoiu, executive director of the group. "Publications, together with other documents and key components of our web presence, have been taken out."
Scarlatoiu said his organization is not sure yet whether it was part of the massive cyberattack conducted primarily against South Korean targets.
He noted, however, the cyberattack on HRNK happened the day before the U.N. Human Rights Council votes on the resolution calling for the establishment of a Commission of Inquiry on North Korean Human Rights.
(Read more
Source: Yonhap, Federation of Arab News Agencies 

Categories:

0 comments: