Thursday, March 21, 2013

Cyber Attack on South Korea

       The cyber attacks this week that caused large-scale disruptions on several banks and media outlets in South Korea were most likely carried out by previously known vulnerabilities and exploits.  John Pescatore, director of emerging security trends at the SANS Institute in Bethesda, Md said,"It really doesn't matter if the attacker is a nation-state or a cybercriminal or a hacktivist or a bored teenage kid, you have to make sure you are at least at the due-diligence level for the well-known critical security controls. If you close the well-known vulnerabilities, you can stop any attacker using those techniques."
    Security firm Avast Software noted in a blog that its analysis showed the attackers appear to have exploited a previously known Internet Explorer vulnerability to infiltrate computers at the affected banks.
     Security firm Sophos added that the malware used in the attack was not particularly sophisticated and has been around for nearly a year.
     Symantec published initial findings about the attacks on South Korean banks and local broadcasting organizations and discovered the malware contained a module for wiping remote Linux machines in addition to Windows 7 and Windows XP computers.
     The simple lesson for the average computer user in all of this is: keep operating software up-to-date using the latest update version.
For more info read:

No comments:

Post a Comment