Security advisory issued amidst hacking spree in South Korea

By Chanwoo Yong, The Readable
Feb. 2, 2024 9:58PM GMT+9

The Korea Internet & Security Agency (KISA) has called on companies to conduct thorough inspections and strengthen their security measures in response to the recent surge in cyberattacks. In a security advisory released on Tuesday, the agency advised companies to improve their information security by implementing countermeasures to prevent breaches.

The advisory highlights that unidentified hackers have engaged in malicious activities aimed at defacing websites, stealing sensitive information, and executing distributed denial-of-service (DDoS) attacks within South Korea. Last month, these attackers launched DDoS assaults on South Korea-based cybersecurity and media companies and issued threats of further attacks.

On January 30, a Chinese hacker known by the nickname ‘Nian’ shared a document on Telegram that listed the IP addresses, port numbers, IDs, and passwords of 90 domestic websites, encompassing hospitals, universities, and companies in South Korea. Additionally, this individual targeted a childcare center management system in Gyeonggi Province, rendering the system inaccessible for two days. Despite ongoing threats of further cyberattacks from the hacker, a KISA official has stated that an investigation is underway to determine the authenticity of the leaked information.

In its advisory, KISA underscored the critical need for security updates, which include applying the latest security patches to vital systems, such as operating systems. Furthermore, KISA recommended enhancing the account security of web administrators, conducting inspections for vulnerabilities in web servers, and implementing monitoring measures for distributed denial-of-service (DDoS) attacks.

Beyond the security recommendations, KISA issued an additional warning on Wednesday about the dangers of smishing threats. The agency warned that hackers might infiltrate the internal systems of enterprises to dispatch smishing messages to their customers. There have been reports by local news outlets of cyber incidents involving highly targeted smishing attacks. In one instance, teachers in Daegu, a southeastern city of South Korea, received a fake text message falsely claiming to announce the obituary of a school principal, accompanied by a link. Users who clicked on the link subsequently lost control over their devices.

The cover image of this article was designed by Areum Hwang. This article was edited by Dain Oh and copyedited by Arthur Gregory Willers.

Chanwoo Yong is a reporting intern for The Readable. Majoring in cybersecurity at Korea University, Yong has an intense interest in cybercrime and cybercriminals as well as a passion for making cybersecurity and its surrounding issues understandable to the general reader. Yong aspires to become a bridge between cybersecurity experts and the public by translating the experts’ language into layman’s terms the public can understand. Yong has worked as a data engineer for an AI Platform belonging to Korea University Anam Hospital, where he participated in research titled “Deep Learning-Based Prediction Model for Gait Recovery after Spinal Cord Injury.”