Hackers Strike Six State Agencies

[InfoSec News <isn () c4i org>]

http://times.hankooki.com/lpage/200406/kt2004062017114010440.htm

By Kim Tae-gyu 
Staff Reporter
06-20-2004

The computer systems of six of Korea's state agencies, including a
pair of sensitive defense research institutes, were cracked by an
anonymous hacker or hackers, according to the National Cyber Security
Center (NCSC).

The anti-cyber crime institute said on Saturday that the Peep Trojan
hacking program infected 64 computers at six government agencies,
including the Agency for Defense Development (ADD) and the Korea
Institute for Defense Analyses (KIDA).

Also affected were the Korea Atomic Energy Research Institute, the
Ministry of Maritime Affairs and Fisheries, the National Maritime
Police Agency, and the Small and Medium Business Administration.

``As soon as we discovered some government computers were contaminated
by the Peep Trojan hacking program, we took emergency measures and
currently there is no risk of data outflow,'' the NCSC said in a
statement.

The NCSC added it shut down the hackers' posting site, distributed
anti-virus programs and updated the anti-hacking system to prevent a
recurrence of the dangerous incursion.

The agency, however, failed to confirm whether or not confidential
information was stolen from the invaded agencies before the presence
of the virus was detected.

The ADD and the KIDA maintain a large amount of material, the former
being a research institute for developing Korea's weapon systems while
the latter focuses on research related to the nation's defense policy.

The Peep Trojan hacking program, which has wrought havoc this year,
especially in Taiwan, was authored by Taiwanese Wang Ping-an, arrested
by the country's cyber security authorities last month, the NCSC said.

The information-stealing virus typically comes in the form of an
e-mail attachment and executes itself when unsuspecting recipients
open the attached files.

Once launched, the malicious program gives unauthorized access to
hackers, enabling them to write, delete or edit files on the infected
machines without the owner's knowledge.

In an effort to prevent the invasion of other hacking programs, the
NCSC said it will beef up its monitoring process as well as establish
a pan-national cyber security system in cooperation with related
ministries.

The agency also recommended individual computer users update vaccine
programs and not open e-mail with suspicious attachments.



_________________________________________
ISN mailing list
Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie!
(Broke? Spend 15 minutes a day on the project!)