南韓於3/20日遭受駭客攻擊,包括6間金融機構及3家電視台都受到影響,因此暫停服務,受害者有新韓銀行、農協銀行、濟洲銀行銀行、KBS(韓國放送公社)、MBC(韓國文化廣播公司)和YTN(聯合電視新聞臺)…等,堪稱近年來規模最大的網路攻擊。
South Korea on 3 / 20 suffered hacker attacks, including six
financial institutions and three television stations are affected, and
therefore suspended , victims Shinhan Bank , Agricultural Bank
Association , Jeju Bank , KBS ( Korean Broadcasting System ) , MBC (
Korean culture broadcasting Corporation ) and YTN ( joint TV news station ) ...
etc. , called the largest in recent years, cyber attacks .
Sophos表示,DarkSeoul特徵是會刪除硬碟中的資料,並讓系統停擺,不過該病毒不是很複雜,而且早在一年前就被偵測到。其手法是,駭客先入侵防毒軟體廠商的病毒碼更新主機,再利用更新病毒檔的正常管道,將惡意程式傳送到企業電腦中,等到攻擊行動時間(即3/20下午2點)一到就自動啟動。
Sophos representation
, DarkSeoul feature will remove your hard drive data , and to allow
the system to shut down , but the virus is not very complicated , but a year
ago it was detected . Its approach is to hacker invasion of anti-virus software
vendors signature updates host , update the virus re-use profile normal
channels , the malware is transferred to the computer business , until the
attacks of time ( ie 3/20 14:00 ) to a automatically start .
攻擊發生後,韓國通訊廣播委員會(KCC, Korea Communications
Commission)召開緊急說明,指出該攻擊行為屬於APT並非過去較常遭遇的DDoS攻擊,同時將國家的網路攻擊警報從第二級提升到第三級的「注意(caution)」,除了增加相關人力外,政府也組成聯合調查小組展開調查
After the attack, the Korea Communications Broadcasting
Commission (KCC, Korea Communications Commission) to convene an urgent
explanation , noting that aggressive behavior is not part of APT past more
often suffered DDoS attacks, while the country's cyber attack alert
lifted from the second to the third stage class ' attention (caution) , "
in addition to associated with increased manpower , the government also formed
a joint investigation team to investigate.
駭客(Hacking)
攻擊(attack)
手法(Technique)
沒有留言:
張貼留言