HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 3 MINUTES AGO.
You are here: Home / Network Security / Anonymous Causing New Cyber War?
Powered by Verisign:
Cloud-based solution to improve Your DDoS Attack Readiness.
Click here to learn more.
Did Anonymous Start Cyber War in Korea?
Did Anonymous Start Cyber War in Korea?
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JUNE
25
2013
Tuesday, June 25th saw the shut down of major media and government Web sites in both South Korea and North Korea. A group of anonymous hackers are taking responsibility for the attack, which coincides with the 63rd anniversary of the start of the Korean war that lasted from 1950 to 1953.

"The government confirms there was a cyberattack this morning by unidentified hackers that shut down several sites including the presidential Blue House, the prime minister's office and some media companies," the South Korean science ministry said in a statement, according to the Wall Street Journal.

According to BBC, messages praising North Korean leader Kim Jong-un and claiming that hacking collective Anonymous was responsible were left on the hacked Web sites. But the AFP reported that Anonymous denied any involvement in the South Korean cyber-attacks on its official Twitter account.

Where's the Root?

We caught up with Ross Brewer, vice president and managing director for international markets at LogRhythm, to get his take on the news reports and what they really mean for cyber security. He told us South Korea is a highly advanced and leading cyber power, so the fact that its networks have suffered two major hacks in the last six months illustrates the severity and increasing prevalence of cyber war.

Back in March, he reminded, the attackers targeted South Korea's computer networks and banks, but this time they have chosen a more significant target, which would suggest that the attacks are becoming more serious.

"Despite the rumors, the cause and origin of the attack remains unclear, and hackers managed to infiltrate systems to the point that the country was forced to issue a cyber alert -- indicating that the visibility required to effectively monitor IT systems and identify and remediate any anomalous IT network behavior was not in place," Brewer said.

Need for Forensic Analytics

Considering its last experience with cyber attacks, Brewer said it is "imperative" that South Korean organizations are constantly monitoring all of the log data generated by their IT assets, as this is where evidence of all IT network activity lies. Doing so, he said, can help to detect and respond to suspicious or unauthorized behavior the moment it takes place.

"There is also, once again, the issue of attribution. Continued, speculative accusations against North Korea will only raise existing tensions and might lead to more significant repercussions," Brewer said. "As such, further forensic analysis of the breach is needed -- but this cannot be achieved with outdated point security solutions, such as anti-virus or firewall tools."

Brewer's conclusion: continuous monitoring of IT networks affords organizations the network visibility and intelligent insight needed for such deep forensic analysis. It is this in depth analysis, he said, that will enable hacking victims to effectively mitigate risks and accurately identify the culprits."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
High Quality CRM Data: Prevent, detect and fix errors at the point of data entry for Dynamics CRM. Trillium Software helps you achieve an accurate, synchronized, single view of customers. It's time to trust your data. Take a product tour and read CRM Analyst opinions here.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.