Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

North Korea has doubled the number of hackers it employs

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

July 7, 2014

Click here to order the best dedicated server and at a great price.

According to military sources from South Korea, North Korea has doubled the number of government hackers it employs since mid-2012.

The allegations claim that no less than 5900 elite personnel were employed in Pyongyang's hacking unit, up from 3000 at the beginning of 2012.

The said hackers had their crosshairs firmly fixed on Seoul but operate from offices in China, the source told the Yonhap News Agency.

"North Korea operates a hacking unit under its General Bureau of Reconnaissance, which is home to some 1200 professional hackers," the source told the agency.

The hackers developed and foisted malware against South Korean banks, media websites, thegovernment and defence agencies during the employment surge and were fended off by a 900 strong South Korean security blue team.

Last year, South Korea planned to train 5000 security people to combat attacks from the North but it was unclear if these personnel have yet been trained for the task.

Pyongyang denied launching attacks and accused Seoul of fueling diplomatic tensions. The source said that the North had more "elite" hackers than the United States with 900, and Japan housing just 90.

Pyongyang trained 100 hackers a year through Mirim and Moranbong universities, said to be run by the Government's Operations Department that spearheaded cyber war efforts.

Hackers were divided up into 600 strong brigades taught by Russian professors from the Frunze Military Academy, North Korean defector Jang Se-yul told the popular Seoul Chosun newspaper in 2011.

Intriguingly, the same source said in prior years that a lack of local facilities meant hackers had to be taught in faraway locations.

Last year, North Korea was blamed for distributed denial of service attacks against government agencies including the Presidential Blue House and media companies.

It followed much larger attacks in March that year infecting banks, insurance firms and broadcasters with malware that permanently crashed computers.

In other internet security news

In a post NSA-Edward Snowden era, a team of security experts have teamed up to create a convenient internet messenger (IM) client designed especially for whistleblowers. And yes, Snowden himself would be proud.

The?' project' promises an instant messenger app that leaves no trace. The team behind the project include Metasploit Founder HD Moore and noted expert The Grugq.

To be sure, primarily geared towards serving the stringent anonymity needs of whistleblowers, as the project website explains.

The project was established to develop an instant messenger and file transfer application that leaves virtually no evidence of conversations or file transfers having occurred.

The primary use case for this technology is for whistleblowers and media sources who wish to remain anonymous when communicating with the press or other organizations.

Still in its early development stage, the project is looking for developers to port its concept to various platforms-- Windows, OS X and Linux.

It also wants software and security experts capable of hooking the software into the darknet, specifically the i2p anonymisation network. It is also very keen to work with developers who are knowledgable about Tor.

SecureDrop and StrongBox are a good approach for large media organization such as the New York Times but are complex and require secure supporting infrastructure. The? aims to plug that gap with technology an instant message and file transfer client that leaves as small a metadata trail as possible.

TorChat offers anonymity but still requires a registered IM account with an IM provider like AOL, Yahoo or Microsoft that inevitably leaks metadata sooner or later.

The? project?openly acknowledges that any system it develops is never going to offer absolute anonymity under all circumstances. And that's fair.

"If a source is already the subject of targeted surveillance, cannot facilitate secure, anonymous chats," it concedes.

More details on the scope of the project and its general design principals can be found in the FAQ section on the?

In other internet security news

It's reported this morning that hackers have cooked up a malicious Android app that bundles a whole slew of banking fraud mishaps into a single strain of mobile malware.

The HijackRAT is a banking trojan that packs together new and previously unseen functions, according to internet security firm FireEye.

The mobile app combines private data theft, banking credentials theft, spoofing and remote access into a single malicious app.

So far, Android malware has had only one of these capabilities built-in. Under the control of hackers, the app steals SMS messages and contact lists and can send SMSs as well.

The malware can also initiate malicious app updates and scan for banking apps installed on the smartphone and replace them with fake utilities.

The malware also attempts to disable any mobile security software that might be installed on a compromised device.

The current version of the malicious app scans for eight Korean banking apps and replaces them with fake ones.

"While it's limited to just eight Korean banks right now, the cyber criminal could easily add it in the functionality for any other bank with just 20 to 30 minutes of work," according to FireEye.

Overall, unfinished functionality built into the HijackRAT malware might eventually facilitate bank hijacking attacks, according to an analysis of the mobile malware by FireEye.

Such malicious attacks would be possible because of the combination of personal information taken from compromised devices combined with the introduction of counterfeit banking apps on Android smartphones and tablets.

Although the HijackRAT malware disguises itself as a “Google Service Framework" it obviously has no affiliation with the Google Play Store.

In other internet security news

Russia isn't just interested in the Ukraine and Crimea anymore, it's now setting its goals on U.S. interests as well, although this time it's using the internet to achieve its mischief.

An internet security firm reported this week that Russian hackers have launched unprecedented, highly-sophisticated cyber attacks on American oil and gas companies.

Nicknamed 'Energetic Bear', the cyber operation is the latest example of an ongoing war between American and British cyber spies on one side, and intellectual property-stealing hackers in Russia on the other. China could even be on this as well.

The report by Symantec described how hackers have managed to sneak malware into computers at power plants, energy grid operators, gas pipeline companies and industrial equipment makers.

For now, most of the targets were in the United States and Spain, but the rest were across Europe.

The malware was used to steal documents, usernames and passwords. In the best-case scenario, the hackers only took valuable and sensitive information. At worst, they gained the ability to hijack the controls and even sabotage the U.S.' energy supply.

Another security company, Crowdstrike, first spotted the Energetic Bear operation in 2012. Crowdstrike thinks the hackers at Energetic Bear work for or alongside Russian government intelligence services at the behest of state-owned gas enterprises, including Gazpro and Rosneft.

To no big surprise, neither the Russian embassy, nor those energy companies, responded to requests for comment.

Why should you care? If a rogue nation breaks into oil and natural gas refineries at Exxon-Mobil or BP and figures out where they've discovered vast oil or natural gas reserves, it could beat them to the punch and start drilling first. That's just one reason of a long list of others, however.

If that rogue nation manages to steal blueprints to the power grid or key pipelines, it could disable them to cause economic chaos, or worse, shut everything down during a war.

"The Russians are engaged in very aggressive economic and political espionage right now," Crowdstrike co-founder Dmitri Alperovitch said.

Security researchers said Energetic Bear is notable for its military precision and planning. And Energetic Bear hackers aren't limited to just attacking the energy sector either.

Their malware has also been spotted inside the networks of European and U.S. defense contractors and health care providers, as well as manufacturers, construction companies and universities doing research in the field of nuclear energy.

"So far, we haven't seen anything of this scale with industrial control systems," said Kevin Haley, Symantec's director of security.

In other internet security news

'You need to encrypt all your stored passwords'. That's the simple message coming from Australia's privacy commissioner, at the conclusion of his long investigation of a gigantic data breach of the Cupid Media dating operation last year.

Among the 42 million customers whose data was exposed in the breach of the Queensland-headquartered company were 245,000 Australians, commissioner Timothy Pilgrim added.

The most serious security breach was that the compromised passwords were not hashed or otherwise encrypted before the data breach. Instead they were stored insecurely, in plain text, the commissioner's report states.

“The Commissioner therefore found Cupid's storage of passwords in plain text to be a major failure to take reasonable security steps,” the report warned.

Finding that Cupid Media – which operated a network of 35 dating sites so as to cover niches of ethnicity, religion, sexual preference and location – had breached Australia's privacy regulations, the commissioner's report states-- “Cupid had breached the Privacy Act by failing to take reasonable steps to secure personal information it held.”

During the investigation, the company told the commissioner it didn't hold credit card data, and asserted that since it doesn't check registrations to demonstrate that people are using real names, the data was less sensitive than for example financial information.

But the investigation did find that the preferences collected by the niche sites, along with e-mail addresses and user passwords that were compromised in the data breach, added up to breaches serious enough to bring the company under the remit of the Privacy Act.

Worse, Cupid even quibbled over the original reports that the breached database held 42 million user accounts, asserting that “this figure is not accurate because it includes 'junk' accounts and duplicate accounts”.

That statement didn't satisfy the commissioner one bit, who found that the company was retaining personal data that it didn't require-- “Cupid failed to take reasonable steps to destroy or permanently de-identify the personal information it held in relation to user accounts that were no longer in use or needed”, the commissioner warned.

The company did co-operate with the investigation, notified its users, reset their passwords, and applied patches to fix the security issues.

In other internet security news

Cisco said that it has had a rather large list of products recently certified as secure by the GCHQ's information security arm, the Communications & Electronics Security Group (CESG).

The new certification covers IPsec security gateway products in Cisco's ASA v9.1 family, hardware models 5505, 5510, 5520, 5540, 5550, 5580, 5512-X, 5515-X, 5525-X, 5545-X, 5555-X and 5585-X.

The certification only covers the products to handle information up to Britain's government “Official” classification – that is, most government information.

But as the company's product certification engineer Clint Winebrenner writes-- “This award represents the first Foundation Grade IPsec VPN product capable of supporting both the CESG interim and PRIME cipher suites, enabling public sector customers to take full advantage of the very latest cryptographic algorithms.”

Winebrenner also notes that the classifications in Britain-– Official, Secret and Top Secret were redone in April of this year with the goal of letting off-the-shelf products handle data at the lowest classification.

That means that there will be a lot of similar certifications being granted in the near future, we can assume.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

Source: The Yonhap News Agency.

Click here to order the best dedicated server and at a great price.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

You can link to the Internet Security web site as much as you like.

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Click here to order our special clearance dedicated servers.

Get your Linux or Windows dedicated server today.

Click here to order our special clearance dedicated servers.