Officials from the Republic of Korea are saying North Korea’s military intelligence agency was responsible for the mid-March malware attacks that knocked several prominent South Korean banks and broadcasters offline, according to a Dow Jones Newswire report.
The United States government for years has been developing and deploying offensive cyber capabilities, most of it done without much in the way of public notice. That’s been changing of late, as government and military officials have become more open in discussing these capabilities and under what circumstances they might be used. Now, the U.S. Air Force has said that it has classified six unnamed tools as weapons, mainly as a way to improve the chances of those tools receiving the funding they need.
Updated 4/10/13: The U.S. House Intelligence Committee voted 18-2 for the new version of CISPA, with the two dissents coming from Democrat members of the committee.
A report released Wednesday indicates an organization on average experiences a malware-related event every three minutes, often involving business-related spear phishing and targeting technology companies.
Security-related policy or legislation is enacted and then enforced to protect corporate, government or military interests. Civil organizations are often left flailing in the wind, fending for themselves with fewer IT resources and experience than a Middle America mom-and-pop operation. Yet these non-governmental—and not-for-profit—organizations have tasked themselves with helping those targeted by lethal adversaries who aren’t just after corporate secrets, but are out to deny people their freedom or, in some cases, their lives.
Tibetan activists in China as well as those living in exile around the world are being targeted by dangerous malware that not only steals data from infected computers, but also has graduated to reporting location data from mobile devices for surveillance purposes.
The CIO of the U.S. Army failed to put in place a comprehensive security program capable of protecting data stored on commercial mobile devices such as iPhones and Androids, leaving sensitive information in key Army installations exposed. The Inspector General of the Department of Defense took the Army CIO to task in a new report, saying that the CIO “did not implement an effective cybersecurity program for [commercial mobile devices]”.
It appears that a spear phishing campaign was the genesis for the wiper malware infections that ultimately knocked several prominent South Korean banks and broadcasters offline last week, according to a malware analysis performed by researchers from the Finnish cybersecurity firm F-Secure.
The House Foreign Affairs Subcommittee on Europe, Eurasia, and Emerging Threats typically is more concerned with economics and political issues than cyber attacks, but the members spent this morning in a hearing trying to come up with an answer to a fairly straightforward, but thorny question: What consequences are serious and meaningful enough that they will deter U.S. enemies from infiltrating the country’s networks?
The other Korea’s specter loomed large among speculators and fingers pointers Wednesday morning when reports surfaced that the networks of several prominent South Korean banks and broadcasters dropped offline.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
