The Dark Seoul Cyber Attack refers to a coordinated hacking incident that struck South Korean organizations on 20 March 2013. It is considered one of the biggest cyber attacks in South Korea's history; the affected businesses included broadcasting organizations, banking institutions, and telecommunication companies.
Despite the scale of the damage, the attack relied on techniques that standard security hygiene would have blocked.
What Really Happened?
The Dark Seoul Cyber Attack was carried out with malware that prominent security researchers consider quite primitive. It overwrote the boot records of infected machines, leaving them unable to start (a denial of service for the affected businesses), and one website was defaced. An intrusion of this kind can be blunted by conventional security practices: up-to-date antivirus, the protection features Windows enables by default, and not opening suspicious email attachments or links.
The malware was planted on corporate websites that were vulnerable to SQL injection. Links to it were then presented to employees of the targeted organizations in emails and other messages, backed by carefully planned social engineering. Once an employee clicked, the malware infected that PC, spread into the organization's network, and moved laterally from there.
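The attack chain above starts with a web application that pastes user input into SQL. The following Python example is added here and is not code from the original post or from any analysis of Dark Seoul; it shows how such a flaw lets an attacker make a legitimate site serve attacker-chosen content (here a fake "update" link for staff to click), and how binding the parameter closes the hole. The article table, the article texts, the attacker payload and the host name update.example.invalid are all constructed for the example.

```python
import sqlite3

# Constructed content for a small corporate news site; nothing here is real data.
ARTICLES = [
    (1, "Quarterly results", "Revenue grew 4% year over year."),
    (2, "Office relocation", "The Busan office moves in May."),
]


def build_site_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?, ?)", ARTICLES)
    return conn


def get_article_unsafe(conn, article_id):
    """Vulnerable: the request parameter is spliced into the SQL text, so the
    database parses whatever the client sent as part of the query."""
    sql = "SELECT title, body FROM articles WHERE id = '%s'" % article_id
    return conn.execute(sql).fetchone()


def get_article_safe(conn, article_id):
    """Hardened: the parameter is bound by the driver and can only ever be a value."""
    return conn.execute(
        "SELECT title, body FROM articles WHERE id = ?", (article_id,)
    ).fetchone()


def render(row) -> str:
    """Minimal page template; the site trusts whatever the query returned."""
    if row is None:
        return "<h1>Not found</h1>"
    title, body = row
    return f"<h1>{title}</h1><p>{body}</p>"


# Hypothetical attacker input for the ?id= parameter: a UNION that makes the
# page display an attacker-written "article" carrying a download link. The host
# name is invented for the example.
PAYLOAD = (
    "0' UNION SELECT 'Mandatory security update', "
    "'<a href=\"http://update.example.invalid/patch.exe\">Install now</a>' -- "
)


if __name__ == "__main__":
    conn = build_site_db()
    print(render(get_article_unsafe(conn, PAYLOAD)))  # attacker content is served
    print(render(get_article_safe(conn, PAYLOAD)))    # Not found
```

With the vulnerable query, the attacker's UNION leg supplies the only row, so the trusted company site renders the attacker's link; with the bound parameter the same input is compared as an ordinary value and matches nothing. The template also writes the body without HTML escaping, which is a separate bug, but it is the SQL splice that lets untrusted text reach the template in the first place.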
The APT Connection
The group behind the Dark Seoul Cyber Attack had conducted a similar attack in 2011, so it can be treated as an Advanced Persistent Threat (APT).
An APT is an attacker, usually a well-resourced group, that pursues the same targets over a long period through repeated campaigns, whether for denial of service, defacement, espionage, data theft, or other ends. It is this persistence across years against the same set of targets, not the sophistication of any single piece of malware, that qualifies the Dark Seoul operators as an APT.
The Zero-Day Exploit Problem
While attacks like Dark Seoul, which use primitive malware, can be stopped by conventional security controls, attacks that exploit vulnerabilities nobody has yet seen are a different story altogether.
Conventional security tools such as antivirus and firewalls depend on continuously updated databases of definitions for known viruses and malware. Those definitions can never be 100% complete: there is always a gap between the malware that has been catalogued and the malware that has not, and a new or modified sample falls into that gap until someone captures it and writes a definition. The same limitation applies to patches, and attacks that exploit it are called zero-day exploits.
What Are Zero-Day Exploits?
A zero-day vulnerability is a flaw in software that its vendor does not yet know about, so no patch exists for it and no signature has been written for attacks against it; a zero-day exploit is code that takes advantage of such a flaw. Because a defender's definitions and patches cover only what is already known, a zero-day exploit can walk past traditionally protected networks, and attackers use it for exactly that purpose. The fact that even large online businesses like Facebook, Google, and Microsoft have been compromised through zero-day vulnerabilities is testament to how dangerous they are.
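To make the gap concrete, here is a small Python illustration, added here and not part of the original post, of how definition-based scanning behaves. It stands in for an antivirus database with two kinds of definitions, an exact-hash signature and a byte-pattern signature, and runs them over constructed byte strings (not real malware): the catalogued sample, a trivially repacked copy, an unrelated new family, and a benign file.

```python
import hashlib

# Constructed stand-ins for executable files; none of these are real malware.
KNOWN_SAMPLE = b"MZ" + b"\x00" * 6 + b"wipe_boot_sector_v1" + b"\x90" * 8
REPACKED_VARIANT = KNOWN_SAMPLE + b"\x00"          # same code, one padding byte appended
NOVEL_SAMPLE = b"MZ" + b"\x00" * 6 + b"overwrite_disk_v2" + b"\xcc" * 8  # unseen family
BENIGN_FILE = b"MZ" + b"\x00" * 6 + b"hello_world" + b"\xc3" * 8


def sha256(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


# Definition database as it stands on the day of the scan: it can only contain
# what analysts have already seen and written up.
HASH_DEFINITIONS = {sha256(KNOWN_SAMPLE)}
PATTERN_DEFINITIONS = [b"wipe_boot_sector"]


def match_hash(blob: bytes, definitions=HASH_DEFINITIONS) -> bool:
    """Exact-file definition: matches only a byte-for-byte identical file."""
    return sha256(blob) in definitions


def match_pattern(blob: bytes, definitions=PATTERN_DEFINITIONS) -> bool:
    """Content definition: matches any file containing a known byte sequence."""
    return any(pattern in blob for pattern in definitions)


def classify(blob: bytes) -> str:
    """Return which definition caught the file, or 'undetected' if none did."""
    if match_hash(blob):
        return "known"
    if match_pattern(blob):
        return "variant"
    return "undetected"


def scan(files: dict) -> dict:
    """Scan a name->bytes mapping and report a verdict for each file."""
    return {name: classify(blob) for name, blob in files.items()}


if __name__ == "__main__":
    verdicts = scan({
        "known.exe": KNOWN_SAMPLE,
        "repacked.exe": REPACKED_VARIANT,
        "novel.exe": NOVEL_SAMPLE,
        "benign.exe": BENIGN_FILE,
    })
    for name, verdict in verdicts.items():
        print(f"{name:14} {verdict}")
```

The repacked copy defeats the hash definition but not the pattern; the new family defeats both and is reported exactly like the benign file. That second case is the gap the text describes: until someone captures the sample, writes a definition, and pushes it, the scanner reports nothing, and no amount of updating closes the window on its own. The same logic applies to patches for zero-day vulnerabilities, since a fix cannot exist before the flaw is known.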
Need of the Hour!
There is an urgent need for a comprehensive, continuously evolving cyber security strategy: a platform through which organizations can pool their resources and knowledge to build a better shared picture of attacks and how they can be prevented.
Although the criminals involved in hacking are always upping the ante, the people on the good side, such as governments and security agencies, can match and exceed the capabilities of the bad guys. Governments need to build a cyber security workforce that continuously monitors for threats and warns stakeholders to take pre-emptive measures before the next incident.
Many countries are alleged to have their own government-funded hacking units; the most prominent is China, which is frequently accused of plotting cyber attacks against other countries. Because the internet is now integrated into every organization, employees need proper knowledge and training about cyber attacks and social engineering. Attacks are initiated by humans, and it is humans who unknowingly execute the suspicious, malware-infested files that let the malware into the system and do its work.
The future of internet security rests in our hands!
By Faisal Arshad