18:44 GMT +312 November 2019
Listen Live
    A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017

    Hacking Alert: US Warns Against North Korean ‘Hidden Cobra’ Cyber Attacks

    © REUTERS / Kacper Pempel/Illustration
    Tech
    Get short URL
    356
    Subscribe

    Washington has issued a hacking alert for websites associated with the media, aerospace industries, financial networks and key infrastructure, warning of cyber attacks from North Korean sources.

    A cyber alert issued by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) warned against a malicious attack known as "Hidden Cobra" from locations within the People's Democratic Republic of Korea (DPRK).

    The Hidden Cobra malware is associated with two better-known purveyors of malicious online activity — Lazarus Group and Guardians of the Peace — which private sector experts have linked to cyber attacks including the 2014 Sony hack, according to Reuters.

    The FBI and the DHS detailed that internet protocol (IP) addresses previously associated with malware referred to as "DeltaCharlie," a software tool known to have been used by Pyongyang to run distributed denial-of-service (DDoS) botnet attacks, were associated with Hidden Cobra, according to the alert cited by Korea Times.

    "If users or administrators detect the custom tools indicative of HIDDEN COBRA, these tools should be immediately flagged, reported to the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and given highest priority for enhanced mitigation," the alert said, according to Korea Times.

    Cyber security experts have begun ringing alarm bells, noting a sharp uptick in malicious online activities from the DPRK.

    A cybersecurity analyst with the private company FireEye stated that his firm was on alert due to Pyongyang's increasingly aggressive cyberattacks, including attempted hacks on South Korean finance, energy and transportation networks that give the impression of advance reconnaissance presaging a major attack.

    The increased activity from the DPRK "suggests they are preparing for something fairly significant," the analyst said, cited by Japan Times.

    Also included in the rare US cyber alert are detailed explanations including indicators of compromise (IOCs), descriptions of the malware, key network signatures to be flagged, and "host-based" rules to assist cyber commandos in identifying, containing and destroying malicious network activities, according to Yonhap.

    Cyber experts announced last month that Lazarus was thought to be behind the WannaCry ransomware attack that infected more than 300,000 Windows computers around the globe, describing the connection as "highly likely," according to Reuters.

    Related:

    Qatar's Al Jazeera Says All Systems, Websites, Social Media 'Under Cyberattack'
    FBI Urged to Probe Possible Cyberattack on Federal Communication Commission
    FBI Investigating Attempted Cyberattack Against Trump Organization
    Tags:
    cyberattack, warning, hacker attack, Lazarus, Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), Pentagon, Democratic Republic of North Korea (DPRK), United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik