Korean Cyber Attacks Demystified With The Malware Analysis

Recently, a cyber attack on South Korean banks and broadcasters took place, and the blame for it was placed on China. Subsequent investigation made it clear that China was not behind the attack.

The attack on the banks and broadcasters was not a simple cyber attack; it was closer to cyber terrorism or cyber warfare. Its aim was not merely to disrupt these critical utilities but to make them useless as well.

The malware that attacked South Korean banks and broadcasters was also designed to wipe and destroy sensitive information and data. It was not designed to steal data but to make the critical utilities useless. Hence it is closer to cyber terrorism or cyber warfare, depending upon who the perpetrator of this cyber attack was.

As of today, we have no international cyber law treaty, cyber security treaty or cyber warfare legal framework. Even the Tallinn Manual on international law is not applicable to international cyber warfare attacks and defence.

The malware that attacked South Korean banks and broadcasters was designed to corrupt the master boot record (MBR) and to delete the disk contents through direct access to the physical drive, thus rendering the computer useless. The malware also had “time bomb” functionality to corrupt the MBR. It was also designed to evade antivirus software, especially the products used in Korea. In short, the malware was specifically designed for South Korean banks and broadcasters.
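A defender-side check for the MBR corruption described above, as an added example that is not part of the original article: it inspects sector 0 of a disk image and flags a missing boot signature, a repeating overwrite pattern, or an implausible partition table. The function names and the three sample sectors are constructed for illustration; the filler pattern is arbitrary and is not the one used in the attack.

```python
import struct

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR
# 16-byte entry: status, CHS start (skipped), type, CHS end (skipped), LBA start, count
ENTRY = struct.Struct("<B3xB3xII")

def parse_partitions(sector):
    """Decode the four partition entries that start at offset 446."""
    entries = []
    for i in range(4):
        status, ptype, lba, count = ENTRY.unpack_from(sector, 446 + 16 * i)
        entries.append({"status": status, "type": ptype, "lba": lba, "count": count})
    return entries

def repeating_period(data, max_period=16):
    """Smallest p <= max_period such that data is one p-byte block repeated."""
    return next((p for p in range(1, max_period + 1)
                 if (data[:p] * (len(data) // p + 1))[:len(data)] == data), None)

def assess_mbr(sector):
    """Return findings for sector 0; an empty list means it looks intact."""
    if len(sector) != SECTOR_SIZE:
        return ["sector is not 512 bytes"]
    findings = []
    if sector[510:] != BOOT_SIGNATURE:
        findings.append("boot signature 0x55AA missing")
    period = repeating_period(sector[:510])
    if period is not None:
        findings.append(f"body is a repeating {period}-byte pattern")
    parts = parse_partitions(sector)
    if all(p["type"] == 0 for p in parts):
        findings.append("partition table is empty")
    for n, p in enumerate(parts):
        if p["status"] not in (0x00, 0x80):
            findings.append(f"partition {n}: invalid status 0x{p['status']:02x}")
        if p["type"] != 0 and (p["lba"] == 0 or p["count"] == 0):
            findings.append(f"partition {n}: zero start or length")
    return findings

# Constructed samples (not taken from the incident): one intact MBR, two wiped ones.
bootcode = bytes((i * 7 + 3) % 251 for i in range(446))
HEALTHY = bootcode + ENTRY.pack(0x80, 0x07, 2048, 204800) + bytes(48) + BOOT_SIGNATURE
ZEROED = bytes(SECTOR_SIZE)
PATTERNED = b"WIPED!!!" * 64  # arbitrary filler, not the malware's real pattern

if __name__ == "__main__":
    for name, s in (("healthy", HEALTHY), ("zeroed", ZEROED), ("patterned", PATTERNED)):
        print(name, assess_mbr(s) or "looks intact")
```

To check a real machine, pass `assess_mbr` the first 512 bytes of a forensic disk image rather than reading the live device.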

The malware was not very sophisticated; more sophisticated malware like Stuxnet, Duqu, Flame, etc. has been used in the past in different parts of the globe. However, this is a good hint of what awaits South Korea in the future.