North Korean Hackers Suspected for Attack on Seoul’s Subway System

Posted on

Hackers gained access to 213 Seoul Metro computers
According to South Korea’s National Intelligence Service (NIS), Seoul’s subway system has been attacked using techniques linked to a North Korean-linked hacking group.

The information came to us via the Korea Herald (not working now, probably under DDoS,WebCache view here), which reported today that NIS discovered an attack on Seoul Metro, a state-owned company that manages four subway lines in the nation’s capital (Lines 1, 2, 3, and 4).

North Korean Hackers Suspected for Attack on Seoul's Subway System
North Korean Hackers Suspected for Attack on Seoul’s Subway System

The attack happened during July 2013, and as a consequence of hacking two server gateways, hackers gained access to 213 of Seoul Metro’s computers.

NIS is also reporting that 58 out of the 213 computers were infected with malware, which helped attackers steal 12 documents from the computers’ hard drives.

According to official statements, the documents did not contain any kind of sensitive information, just basic human resources data, along with internal management procedures.

The Seoul subway system was not affected by the hack

None of the affected computers was used to manage the actual subway system and its trains.

Seoul Metro representatives say that the subway network is managed through a different computer system, not connected to the Internet, just for these reasons.

As with any hacking incident that happens in South Korea, first suspicions will always be taking into account that a North Korean state-sponsored group was at the source of this attack.

NIS says that because the incident took place so long ago, there were not enough logs to analyze and detect “the first point of hacking and the source of the code.”

Officials do say that the techniques they’ve observed are very similar to the same techniques used in the hacking of South Korean banks and broadcasters in March 2013. At that time, for those events, evidence pointed towards North Korea.

Only this year, Seoul Metro is reporting that over 350,000 cyber-attacks have been recorded targeting its network.

Source:http://news.softpedia.com/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s