On Tuesday, the US-CERT, which is part of the Department of Homeland Security, published a technical alert in conjunction with the Federal Bureau of Investigation that describes the attack campaign as well as the "tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally".
The North Korean government is very good at hacking-and they're targeting media, aerospace, and financial companies in the United States. The group also targeted entities globally, the report said. The US-CERT report suggests Hidden Cobra was the botnet used by these two groups.
DeltaCharlie is a DDoS tool capable of launching Domain Name System (DNS) attacks, Network Time Protocol (NTP) attacks, and Character Generation Protocol attacks. Tuesday's alert said Hidden Cobra has been previously referred to by private sector experts as Lazarus Group and Guardians of the Peace, which have been linked to attacks such as the 2014 intrusion into Sony Corp's (6758.T) Sony Pictures Entertainment. The easiest victims of these attacks are those using older and unsupported versions of Microsoft Windows. The cyberattacks targeted weaknesses in Microsoft Corp. operating systems and Adobe Systems Inc.'s Flash software, which were patched in January and June, respectively. However, there are many more steps that can be taken to further protect an enterprise network against an attack from Hidden Cobra.
Gunman who shot top GOP congressman had history of arrests
We're all hoping for the best for our colleagues, Steve Scalise , the police officers, and others who were victims of the attack". When asked if members of Congress should carry firearms Graham said: "If their state allows them and they to want to they can".
Also included in the rare USA cyber alert are detailed explanations including indicators of compromise (IOCs), descriptions of the malware, key network signatures to be flagged, and "host-based" rules to assist cyber commandos in identifying, containing and destroying malicious network activities, according to Yonhap. The report also details additional mitigation strategies, logging practices, and methods for detection and response.
Anticipating that North Korea will continue to use the Lazarus Group to advance the dictatorship's military and strategic objectives, US authorities issued a report Tuesday identifying new details on the tools and infrastructure used by North Korea's digital army.
The United States government has issued a warning about an ongoing series of DDoS attacks and other cyber operations that it says began in 2009, and is pointing the finger squarely at North Korea.
Comments