South Korean Malware

Submitted By anshulwal
Words 688
Pages 3
South Korean Malware Attack

Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. However, there are some commonalities reported across multiple organizations that provide some level of insight into the malware, dubbed ‘DarkSeoul’.

The common attributes of the attack campaign are the following:

* The malicious file wipes the master boot record (MBR) and other files.
* The malware was hard coded with a specific execution date and time and searches machines for credentials with administrative/root access to servers.
* The malware is written to specifically target South Korean victims.
* The attack is effective on multiple operating systems.
* The design is low sophistication – high damage.

When assessing the potential risk to U.S. Critical Infrastructure and Key Resources (CIKR), it is important to understand that DarkSeoul appears to have been coded for a specific target in this case and designed to evade typical South Korean antivirus processes. As this malware is currently packaged, it is a low risk to U.S. CIKR; however, the concepts underpinning this attack would likely succeed in many common enterprise environments. For this reason, U.S. CIKR owners and operators should continue to follow standard security best practices to avoid infection and propagation of a wiper or other type of malware that may impact their systems.

Defensive Measures

Based on the common attributes detailed above, US‐CERT reminds users and administrators of the importance of best practices to strengthen the security posture of their organization's systems. CIKR owners and operators should work toward a resilient network model that assumes such an attack will occur against their enterprise. The goal is to minimize damage, and provide pathways for restoration of critical business functions in the shortest amount of time possible.

* Encourage users to transfer critical files to network shares, to allow for centralized backups. Leverage technical solutions to automate centralized storage where possible to reduce reliance on end-user voluntary compliance.
* Execute daily backups of all critical systems, including offline and offsite copies of backup media.
* Periodically execute a practice data restoration from backups, including key databases to ensure integrity of existing backups and processes.
* Establish emergency communications plans should network resources become unavailable.
* Isolate any critical networks (including operations networks) from business systems, and where possible segment the business networks.
* Identify critical systems and evaluate the need to have on-hand spares to quickly restore service.
* Recognize that without proper internal monitoring, an organization’s “Enterprise Trust Anchors” (Active Directory, PKI, two-factor authentication, etc.) and centralized management services (remote helpdesk access, patch management and asset inventory suites, etc.) could be compromised and used to subvert all other security controls.
* Maintain up‐to‐date antivirus signatures and engines.
* Restrict users' ability (permissions) to install and run unwanted software applications through Microsoft Software Restriction Policy (application directory whitelisting) or AppLocker, application whitelisting products, or host-based intrusion prevention software.
* Enforce a strong password policy and implement regular password changes.
* Keep operating system patches up to date.
* Disable unnecessary services on workstations and servers.
* Scan for and remove suspicious email attachments; ensure the scanned attachment is its ‘true file type’ (i.e., the extension matches the file header).
* Exercise caution when using removable media (e.g., USB thumb drives, external drives, CDs).
* Scan all software downloaded from the Internet prior to executing by properly authorized personnel.
* Disable credential caching for all desktop devices with particular importance on critical systems such as servers and restrict the number of cached credentials for all portable devices to no more than three, if possible. This can be accomplished through a Group Policy Object (GPO).
* Consider restricting account privileges. US-CERT recommends all daily operations should be executed using standard user accounts unless administrative privileges are required for that specific function. Both standard and administrative accounts should have access only to services required for nominal daily duties, enforcing the concept of separation of duties and least privilege/least access. Web and email capabilities should also be disabled on administrative accounts. Compromise of administrative accounts is one vector that allows malicious activity to become truly persistent in a network environment.
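The ‘true file type’ check from the attachment item above, sketched as an added example that is not part of the original essay or of any US-CERT tooling. The signature table covers only a few common formats, the verdict names are this example's own, and the sample attachments are constructed.

```python
"""Added example: compare an attachment's extension with its file header."""
from pathlib import PurePath

# Leading "magic" bytes of a few common formats (well-known signatures).
SIGNATURES = {
    "pe":   [b"MZ"],                                  # Windows executables
    "pdf":  [b"%PDF-"],
    "zip":  [b"PK\x03\x04"],                          # also .docx/.xlsx/.pptx
    "ole2": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],    # legacy .doc/.xls/.ppt
    "png":  [b"\x89PNG\r\n\x1a\n"],
    "jpeg": [b"\xff\xd8\xff"],
    "gif":  [b"GIF87a", b"GIF89a"],
}

# Which header family each extension is expected to carry.
EXTENSION_TYPES = {
    ".exe": "pe", ".dll": "pe", ".scr": "pe",
    ".pdf": "pdf",
    ".zip": "zip", ".docx": "zip", ".xlsx": "zip", ".pptx": "zip",
    ".doc": "ole2", ".xls": "ole2", ".ppt": "ole2",
    ".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif",
}


def sniff_type(header: bytes):
    """Return the format family the leading bytes belong to, or None."""
    for family, magics in SIGNATURES.items():
        if any(header.startswith(magic) for magic in magics):
            return family
    return None


def check_attachment(filename: str, header: bytes) -> str:
    """Classify one attachment by extension versus header.

    "match"                 extension and header agree
    "disguised-executable"  executable header behind a non-executable name
    "mismatch"              header belongs to a different known format,
                            or a known extension carries an unknown header
    "unknown"               neither extension nor header is in the tables
    A "match" only says the type is genuine, not that the file is benign.
    """
    claimed = EXTENSION_TYPES.get(PurePath(filename).suffix.lower())
    actual = sniff_type(header)
    if actual == "pe" and claimed != "pe":
        return "disguised-executable"
    if claimed is None and actual is None:
        return "unknown"
    if claimed != actual:
        return "mismatch"
    return "match"


def check_file(path: str) -> str:
    """Same check for a file on disk; only the first 16 bytes are read."""
    with open(path, "rb") as handle:
        return check_attachment(path, handle.read(16))


def scan(attachments):
    """Check (filename, header) pairs and return (filename, verdict) pairs."""
    return [(name, check_attachment(name, head)) for name, head in attachments]


# Constructed sample attachments: file name plus the first bytes of the body.
SAMPLES = [
    ("quarterly_report.pdf", b"%PDF-1.7\n"),
    ("invoice.pdf", b"MZ\x90\x00\x03\x00"),
    ("budget.xlsx", b"PK\x03\x04\x14\x00"),
    ("photo.JPG", b"\x89PNG\r\n\x1a\n"),
    ("notes.txt", b"meeting at 10"),
]

if __name__ == "__main__":
    for name, verdict in scan(SAMPLES):
        print(f"{verdict:22} {name}")
```

In a mail gateway the non-"match" verdicts would feed quarantine or review rather than replace antivirus scanning.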
