fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

South Korea’s Nuclear Research Agency Hacked Using VPN Flaw

South Korea’s Nuclear Research Agency Hacked Using VPN Flaw

South Korea’s ‘Korea Atomic Energy Research Institute’ disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability.

The Korea Atomic Energy Research Institute, or KAERI, is the government-sponsored institute for the research and application of nuclear power in South Korea.

The breach was first reported earlier this month when South Korean media Sisa Journal began covering the attack. At the time, KAERI initially confirmed and then denied that the attack occurred.

In a statement and press conference held yesterday by KAERI, the institute has officially confirmed the attack and apologized for attempting to cover up the incident.

Attributed to North Korean threat actors

KAERI states the attack took place on June 14th after North Korean threat actors breached their internal network using a VPN vulnerability.

Also Read: Limiting Location Data Exposure: 8 Best Practices

KAERI states that they have updated the undisclosed VPN device to fix the vulnerability. However, access logs show that thirteen different unauthorized IP addresses gained access to the internal network through the VPN.

One of these IP addresses is linked to a North Korean state-sponsored hacking group known as ‘Kimsuky’ that is believed to work under the North Korean Reconnaissance General Bureau intelligence agency.

Image shared during the KAERI press conference
Image shared during the KAERI press conference

In October 2020, CISA issued an alert on the Kimsuky APT group and stated that they are “likely tasked by the North Korean regime with a global intelligence gathering mission.”

More recently, Malwarebytes has issued a report on how Kimsuky (aka Thallium, Black Banshee, and Velvet Chollima) has been actively targeting the South Korean government using the ‘AppleSeed’ backdoor in phishing attacks.

“One of the lures used by Kimsuky named “외교부 가판 2021-05-07” in Korean language translates to “Ministry of Foreign Affairs Edition 2021-05-07” which indicates that it has been designed to target the Ministry of Foreign Affairs of South Korea,” explains Malwarebytes’ report on the threat actor’s recent activities.

“According to our collected data, we have identified that it is one entity of high interest for Kimsuky.”

Also Read: 10 Practical Benefits of Managed IT Services

Malwarebytes states that Kimsuky has targeted other South Korean government agencies in recent phishing attacks, including:

  • Ministry of Foreign Affairs, Republic of Korea 1st Secretary
  • Ministry of Foreign Affairs, Republic of Korea 2nd Secretary
  • Trade Minister
  • Deputy Consul General at Korean Consulate General in Hong Kong
  • International Atomic Energy Agency (IAEA) Nuclear Security Officer
  • Ambassador of the Embassy of Sri Lanka to the State
  • Ministry of Foreign Affairs and Trade counselor

KAERI states that they are still investigating the attack to confirm what information has been accessed.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us