Cyber Incident trends in Korea KrCERT/CC Ji-Yong PARK October 21 st , 2015
Chronological order in Internet Incidents event Targeting Enterprise/Government using DDoS attack and APT Internet incident occurs targeting enterprises using APT DDoS attack continuously occurs, but purpose has changed Websites that are Impersonating Public organization (Rapid growth of Phishing websites) Spreading Malicious codes using the advantage of Popular Keywords, Social Issues
Cyber Security Trends : Treat increases rapidly Curiosity, self-esteem → extort money(by blackmail) → social chaos, cyber terror Manual → concealment, automation → organized, intelligent Individual system → large scale of network → social infrastructures, nations 3.20 Broadcasting/ financial group hacking ( ’ 13) -Threat Level Nonghyup’s Network Breakdown( ’ 11)` Phishing website( ’ 12) SK Comms( ’ 11) Hyundai Capital Stuxnet( ’ 10) ( ’ 11) CIH( ’ 97) Virus 3.4 DDoS( ’ 11) Root DNS 7.7 DDoS( ’ 09) DDoS( ’ 02) Codered( ’ 01) Blaster Worm( ’ 03) Slammer Amazon, eBay Worm( ’ 03) Auction ( ’ 08) DDoS( ’ 00) DDoS eBay Hacking Incident ( ’ 08) Worm Personal APT Information 2000 2002 2004 2006 2008 2010 2012 2013 Leakage 2014 APT(Advance ced Persiste tent t Th Thre reat) t) are a cybercrime category directed at business and political targets. APTs require a high degree of stealithiness over a prolonged duration of operation in order to be successful.
Thank You Q&A KrCERT/CC Senior Research Associate Ji-Yong PARK prakjiyong@kisa.or.kr, jypark@krcert.or.kr
Recommend
More recommend
