Hackers Extort S. Korea for Data on Nuclear Plants

A hacker who had posted inside information on South Korea’s nuclear power plants has made a fresh threat, demanding money in exchange for not handing over sensitive information to third countries. 

32535665.si.jpgThe hacker had posted files, including documents about the country’s indigenous advanced power reactor, on Twitter.
Using an account under the name of the president of an anti-nuclear group in Hawaii, the hacker posted additional files on Twitter, which reportedly included documents concerning the country’s indigenous advanced power reactor 1400.

“Need money. Only need to meet some demands… Many countries from Northern Europe, Southeast Asia and South America are saying they will buy nuclear reactor information. Fear selling the entire information will undermine President Park (Geun-hye)’s efforts to export nuclear reactors,” the posting said.

The hacker did not say how much money he wanted but warned that South Korea will end up losing much more if it tries to save a few hundreds of millions of dollars.

Officials from the Korea Hydro & Nuclear Power Co. (KHNP) said the documents released Thursday did not include any sensitive information and that they may have been obtained before the company boosted its security measures early last year that included completely cutting off its internal servers used to operate nuclear reactors from all outside access.
They earlier said they were not able to determine the nature or sensitivity of the released documents as safety protocol was blocking the downloading or opening of the files. 

The latest posting marked the sixth of its kind since Dec. 15. Then, a hacker who leaked information about South Korea’s nuclear plants online demanded money for not handing over sensitive information about the plants to other countries. 
The attacker had earlier demanded that KHNP shut down some of its reactors and had threatened to "bring destruction" to the power plants unless his demand was met before Christmas.

South Korea's government accused North Korea Tuesday of carrying out cyber-attacks last December on its nuclear power plant operator, describing them as a provocation, which threatened people's lives and safety.

"It's a clear provocation against our security," the unification ministry said after investigators concluded that the North was behind the attacks.

 “The malicious codes used for the nuclear operator hacking were the same in composition and working methods as the so-called ‘kimsuky’ malware that North Korean hackers use.” read a statement issued by the Republic of Korea’s Seoul Central District Prosecutor’s Office.

Recently hackers have targeted several times critical infrastructure of the South Korea, documents relates to part of the blueprints of nuclear power plants, including the hot water systems of the reactors at the Kori nuclear power plant in Gori, were blueprints of nuclear power plants, including the hot water systems of the reactors at the Kori nuclear power plant in Gori, were leaked via a Twitter account named “Who am I = No Nuclear Power.” 

Stolen data also included set of technical data and documents on reactor design. The attacker had earlier demanded that KHNP shut down some of its reactors and had threatened to "bring destruction" to the power plants unless his demand was met before Christmas. The hacker also threatened to launch 9,000 viruses as an attack against KHNP, which had reportedly found 7,000 viruses before.

"Since the so-called anti-nuclear group made its fifth release of information on Dec. 23, no cyber-attack or information leak has taken place while the documents released today appear to have been obtained long before," the company said in a press release, according to Yonhap. 

Among the information released recently was also the transcript of a telephone conversation between the South Korean president and UN Secretary General Ban Ki-moon.

ibtimes         koreatimes us edition        security affairs         independent      economic times  
 

 

« Latest Insurance Hack Affects 11 Million Customers
Anonymous and Security Agencies: Bedfellows for Good Against ISIS? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

Emsisoft

Emsisoft

Emsisoft protects your devices against all types of malware, ransomware and other threats with no-bloat anti-malware & antivirus solutions.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

HITRUST Alliance

HITRUST Alliance

HITRUST provides widely-adopted common risk and compliance management frameworks, related assessment and assurance methodologies.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Citadel Cyber Security

Citadel Cyber Security

Citadel is a leading 'One Stop Shop' provider of consulting services in cyber and information security. Our experts operate in hundreds of business organizations in Israel and around the world.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

OSI Security

OSI Security

OSI Security's primary services include penetration testing, security auditing, web application security testing and risk management.

ITProTV

ITProTV

ITProTV is part of the ACI Learning family of companies providing Audit, Cyber, and IT learning solutions for enterprise and consumer markets.

Lab 1

Lab 1

Lab 1 turns criminal data breaches and attacks into insights. Get alerts of data breaches or ransomware attack incidents as they happen.

Silverse

Silverse

At Silverse, we specialize in building a comprehensive cybersecurity journey, anchored by our extensive experience, industry expertise, and an ecosystem of trusted partners.

Falconfeeds

Falconfeeds

Falconfeeds empowers businesses and security professionals with immediate access to the latest and historical threat intelligence data.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.