Monday December 10, 2018
Home Lead Story Home Router D...

Home Router Devices Were Compromised By Foreign Hackers Says FBI

The announcement did not provide any details about where the criminals might be based, or what their motivations could be.

0
//
cyber security
The FBI warned on Friday that foreign cyber criminals had compromised "hundreds of thousands" of home and small-office router devices around the world
Republish
Reprint

Foreign cyber criminals have compromised “hundreds of thousands” of router devices around the world, the FBI announced Friday.

The FBI warned on Friday that foreign cyber criminals had compromised “hundreds of thousands” of home and small-office router devices around the world which direct traffic on the internet by forwarding data packets between computer networks.

In a public service announcement, the FBI has discovered that the foreign cyber criminals used a VPNFilter malware that can collect peoples’ information, exploit their devices and block network traffic.

fbi
It said the malware is hard to detect, due to encryption and other tactics. Pixabay

The announcement did not provide any details about where the criminals might be based, or what their motivations could be.

“The size and scope of the infrastructure by VPNFilter malware is significant,” the FBI said, adding that it is capable of rendering people’s routers “inoperable.”

Read More:Twitter Shutting Down Most of its TV Apps

It said the malware is hard to detect, due to encryption and other tactics.

The FBI urged people to reboot their devices to temporarily disrupt the malware and help identify infected devices.

People should also consider disabling remote management settings, changing passwords to replace them with more secure ones, and upgrading to the latest firmware. (VOA)

Click here for reuse options!
Copyright 2018 NewsGram

Next Story

The Secrets Of The North Korean Hacker Army

The last component would be for governments to codify what measures would be employed as proportional responses, should additional cyberattacks

0
Hacking (representational Image), VOA

North Korean hackers continue to circumvent protections and compromise computer systems around the globe. Pyongyang’s cyber operatives, like the Lazarus Group, have been linked to computer system infiltrations like the 2014 Sony Pictures Studios hack prior to the release of the U.S. film “The Interview” and the attempted theft of close to $1 billion from the central Bangladesh bank using the SWIFT banking network in 2016.

But how did Pyongyang become so adept at hacking while not possessing rich resources and being under tough International sanctions?

Seungjoo Kim, a professor at Korea University’s Graduate School of Information Security says the answer, in part, is because North Korea’s computer hackers operate in China and Europe with easy access to the internet.

“North Korea practices their craft under real conditions, like hacking cryptocurrency sites or stealing information,” he said, “These repeated exercises help to improve their skills.”

As an instructor, Seungjoo Kim teaches his students how hackers invade other systems using traditional textbooks instruction. But without real-world trials, he says they can’t obtain the knowledge needed to test systems or prevent hostile attacks.

“Basically, you should teach basic computer knowledge, and then try to solve some hacking problems,” he said, adding that the best way to improve one’s computer infiltration skills is with real-time and real-world practice.

“North Korea acquires [their] knowledge by invading other systems,” said Kim.

He added that because North Korea can directly attack other countries, that effort has enabled Pyongyang to quickly develop their world-renowned hacking skills.

North Korea’s cyber army

Experts assert there are between 6,000 and 7,500 members of North Korea’s cyber army, split into a number of divisions to carry out cyberterrorism against state infrastructure, financial institutions, and the latest hijacking of defense technology.

Sony Pictures, North Korean, Computer
Pedestrians walk past an exterior wall of Sony Pictures Studios in Los Angeles, California, Dec. 4, 2014. That year, Sony became the victim of a cyber hack by North Korean operatives from the Lazarus Group. VOA

“North Korea was inspired by the Chinese cyberwar units and learned from them,” said NK Intellectuals Solidarity director Heung Kwan Kim, “Recognizing their power, North Korea set up the first unit within the central government in 1993.”

While Pyongyang’s Reconnaissance General Bureau is comprised of six divisions and overseas operations in South Korea, the United States, and Japan, it’s another bureau that is responsible for the bulk of North Korea’s cyber warfare.

“Unit 121 oversees Unit 180, Unit 91, and lab 110,” Heung Kwan Kim told VOA.

A 500-person strong Unit 121 was created in 1998, and in 2009 the group successfully carried out 77 attacks by overwhelming computer networks through unleashing an onslaught of Internet traffic.

This led Pyongyang to conclude that cyber-warfare was “the most suitable form of war” for North Korea in the modern era, according to Heung Kwan Kim.

Attacks continued throughout 2014, and in 2015. When North Korea reorganized their divisions, Unit 121 was given the mission of attacking a foreign nation’s infrastructure, such as transportation networks, telecommunications, gas, electric power, nuclear power, and aviation systems.

Bitcoin Price, Cryptocurrency surge, Computer
Bitcoins placed on dollar banknotes are seen in this illustration photo taken Nov. 6, 2017. Cryptocurrencies are attractive for North Korean hackers because they are difficult to trace back to their original owner. VOA

Unit 91’s focus was shifted to acquiring “advanced technologies needed for nuclear development and long-range missiles from developed countries.”

Finally, the role of Unit 180 was changed for it to target financial systems and to focus on block chain technology.

Cryptocurrency and blockchains

With international sanctions crippling Pyongyang’s coffers, Heung Kwan Kim said North Korea shifted their cyberattacks to private systems, rather than government networks, because the smaller entities weren’t as well protected.

“It’s a problem of North Korea’s high ability and low security,” he said.

The numerous attacks on small and private companies have led to allegations that Pyongyang is hacking into cryptocurrency exchanges to steal virtual money, like Bitcoin, said Seungjoo Kim. Stolen cryptocurrencies are attractive because they are difficult to trace back to their original owner.

In 2017, the North Korean hacking group Lazarus was accused of attacking South Korea cryptocurrency exchange Bithumb. The cyber thieves made off with nearly $7 million in digital currencies.

Bitcoin Price, Cryptocurrency surge, Computer
Experts: Cyber attacks Growing Increasingly Sophisticated. Pixabay

The hackers also obtained personal information of users stored on the compromised servers. The BBC reports North Korea was later able to ransom additional funds from the owners in exchange for deleting the data.

“Cryptocurrency is easy to steal because it moves in cyberspace,” said Seungjoo Kim.

He added, “To earn cryptocurrency in a legitimate way, cutting-edge computers are required, but North Korea doesn’t have them, so they attack computers abroad and hack mining programs.”

The hacked computers then send any virtual coins it uncovers to North Korean digital wallets they can convert to hard currency.

Also Read: $571 Mn In Cryptocurrency Stolen By North Korean Hacker Group

To curtail North Korea’s cyberattacks, he advocates a detente in the virtual world that’s similar to the easing of tensions taking place on the peninsula. However, that may be difficult, as it would require Pyongyang to admit it committed acts of cyberwarfare.

In addition, it would require “Russia and China not only participating in current real-world sanctions, cyber sanctions at the same time,” said Seungjoo Kim.

The last component, he said, would be for governments to codify what measures would be employed as proportional responses, should additional cyberattacks take place and prepare for those events. (VOA)