Sophos: South Korea accuses North Korea of Cyber-Espionage
September 2008 by Sophos
IT security and control firm Sophos is reminding all organisations of the importance of properly securing their systems following reports that officers in South Korea’s military command and control centre have been the target of a spyware attack, allegedly carried out by North Korea’s electronic warfare division.
Newspapers in Seoul have today speculated that the victims of the attack (which took the form of a malicious email attachment designed to steal documents from infected computers) were on a list of military contacts given to North Korea by 35-year old, Won Jeong Hwa. Miss Won is currently facing trial in South Korea on charges of treason after defecting to the North in 2005. She is reported to have toured South Korean military bases under the guise of lecturing on the evils of Kim II Sung’s communist regime, but really used the opportunity to seduce army officers in exchange for military secrets.
"North Korea is the latest in this year’s roll call of countries accused of engaging in cyber warfare," said Graham Cluley, senior technology consultant at Sophos. "While it’s difficult to prove that this sort of espionage is happening as computer systems give hackers the anonymity they need, countries around the world have been spying for centuries and there’s no reason to believe they wouldn’t now use more up to date methods - along with the age old technique of deploying a pretty woman to weadle out the information. In this instance, it’s not known if any military secrets were stolen, but it’s an embarrassing breach of security. To defend against these attacks, no matter who is behind them, it’s essential that all organisations ensure their computer systems are fully protected and up to date with security solutions."
This accusation is the latest in a long line. Already in 2008, Sophos has reported that Germany’s foreign intelligence service allegedly used malware to spy on the Afghan ministry, while Belgium accused China of cyber-espionage and Indian officials claimed Chinese hackers had targeted the Ministry of External Affairs and the National Informatics Centre.
Sophos recommends companies automatically update their corporate IT security protection, and run a consolidated solution at their email and web gateways to defend against malware, spam and spyware.