cyberattack

now browsing by tag

 
 

Why the Sony hack is unlikely to be the work of North Korea

Source: Marc’s Security Ramblings and Krypt3ia

I agree, that everyone jumping on the band-wagon, saying that N. Korea is behind this hack is wrong. This is the way I feel about a fair number of security ramblings coming from Mandiant/Fire Eye, Norse, and the rest of the huge companies out there. I think some of their information can be wrong. I also agree with the statements made at Krypt3ia, that we are now at “cyber-war” with North Korea. It feels like another Cold War race, with a lot more countries involved.

However, the really scary part, is that now, foreign influences have now proved, that they can hold United States (and companies within the US) at bay with attacks on there computer infrastructure.

 

From the article:

Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think it’s unlikely. Here’s why:

1. The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English.

2. The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult. I would find the presence of Chinese far more plausible. See here – http://www.nytimes.com/2006/08/30/world/asia/30iht-dialect.2644361.html?_r=0

here – http://www.nknews.org/2014/08/north-korean-dialect-as-a-soviet-russian-translation/

and here – http://www.voanews.com/content/a-13-2009-03-16-voa49-68727402/409810.html

This change in language is also most pronounced when it comes to special words, such as technical terms. That’s possibly because in South Korea, many of these terms are “borrowed” from other languages, including English. For example, the Korean word for “Hellicopter” is: 헬리콥터 or hellikobteo. The North Koreans, on the other hand, use a literal translation of “vehicle that goes straight up after takeoff”. This is because such borrowed words are discouraged, if not outright forbidden, in North Korea – http://pinyin.info/news/2005/ban-loan-words-says-north-korea/

Lets not forget also that it is *trivial* to change the language/locale of a computer before compiling code on it.

 

Read more at Marc’s Security Ramblings and at Krypt3ia

JPMorgan Chase Details Breadth of Earlier Cyber Attack

Source: Re/Code and CNBC

JPMorgan Chase said it was fully cooperating with U.S. law officials to determine the scope of a previously disclosed security breach that compromised internal information and its clients’ contact info.

On Thursday, the company disclosed that the breach impacted about 76 million households and 7 million small businesses, but it did not find evidence of unusual fraud activity related to the incident.

“[T]here is no evidence that account information for such affected customers—account numbers, passwords, user IDs, dates of birth or Social Security numbers—was compromised during this attack,” the bank said in an SEC filing. “User contact information—name, address, phone number and email address—and internal JPMorgan Chase information relating to such users have been compromised.”

Pedestrians walk by JP Morgan Chase & Company headquarters in New York.

Emmanuel Dunand | AFP | Getty Images
Pedestrians walk by JP Morgan Chase & Company headquarters in New York.

The company moved to reassure customers that they would not be responsible for any fraudulent charges and said it was continuing to investigate the matter.

Earlier Thursday, JPMorgan Chase told CNBC it was not aware of a new cyberattack on its computer network, striking down a New York Timesreport that said it was battling its second security breach in the last three months. The Times later corrected its coverage.

Read MoreHow to tap the braintrust on cybersecurity

The banking giant plans to spend to spend $250 million annually to protect itself from cyberattacks and data protection. JPMorgan CEO Jamie Dimon said in his annual report that he plans to appoint 1,000 people to focus on the effort.

“In our existing environment and at our company, cybersecurity attacks are becoming increasingly complex and more dangerous,” Dimon said. “The threats are coming in not just from computer hackers … but also from highly coordinated external attacks both directly and via third-party systems.”

CORRECTION: JPMorgan Chase’s cyberattack reportedly started in June and was discovered in July. A headline on an earlier version of this article incorrectly stated the month of the attack.