Slashdot Mirror

← Back to Stories (view on slashdot.org)

S. Korea Says Cyber Attack From North Wiped 48,700 Machines

Posted by Unknown on from the retaliation-will-be-swift-and-ineffective dept.

wiredmikey writes "An official investigation into a major cyber attack on South Korean banks and broadcasters last month has determined that North Korea's military intelligence agency was responsible. An investigation into access records and the malware used in the attack pointed to the North's military Reconnaissance General Bureau as the source, the Korea Internet and Security Agency (KISA) said on Wednesday. To spread the malware, the attackers went through 49 different places in 10 countries including South Korea, the investigation found. The attacks used malware that can wipe the contents of a computer's hard disk (including Linux machines) and damaged 48,700 machines including PCs, ATMs, and servers."

7 of 186 comments (clear)

  1. Re:Civillian cyber-casualties by Anon,+Not+Coward+D · · Score: 5, Insightful

    But I'm sure most civilians prefer an empty computer rather than being dead...

    --
    Sometimes it's better not having signature
  2. The Scoop by camperdave · · Score: 5, Informative

    Symantec has an analysis of the linux component. It relies on extracting a history of ssh connections from windows machines from an application called mRemote, an open source, multi-protocol remote connections manager.

    --
    When our name is on the back of your car, we're behind you all the way!
    1. Re:The Scoop by iggymanz · · Score: 5, Informative

      more accurately, it checks for parameters of any ssh connection *with root privileges*. everyone see the problem there? every owner of every machine that fell to the n. korean attack richly deserved what they got. piss poor security will bite one in the ass.

  3. Re:Civillian cyber-casualties by cayenne8 · · Score: 5, Insightful

    How would your livelihood be threatened if your PC was wiped? I guess you don't keep regular backups, which is the most idiotic thing I have heard all week.

    It isn't so much a person's personal PC that is the danger, but of having his bank disrupted, and he can't get money. If food distribution is messed up, if drugs can't be accessed...all this stuff is interconnected.

    Let's see what happens when some extremely urban center gets hit, say like NYC...the power goes out, food can't get in/out, and see how long it takes for things to go bad really fast.

    Hell, with so many out there living cashless....what are they going to use for payment for things, if that system is down for awhile? That alone would bring a lot of misery, even if you discount the more tragic events I put forth above.

    --
    Light travels faster than sound. This is why some people appear bright until you hear them speak.........
  4. Problem fixes itself by gnasher719 · · Score: 5, Interesting

    All the vulnerable machines were wiped. So now there are no vulnerable machines anymore. Second attack will be much harder. And the percentage of Korean users doing proper backups will probably be growing :-) (Not that I'm saying people in Korea are more negligent with backups than others).

  5. Re:Civillian cyber-casualties by hawkinspeter · · Score: 5, Insightful

    Unless you're a buddhist.

    --
    You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
  6. Re:Civillian cyber-casualties by jabuzz · · Score: 5, Interesting

    Yeah just look at what happened at Royal Bank of Scotland last year. Some people at Ulster Bank (a subsidiary of RBS) where unable to access their account for the best part of a month.

    http://en.wikipedia.org/wiki/2012_RBS_computer_system_problems

    Now imagine that every bank is in the same situation as RBS along with VISA and Mastercard.