The process of infiltration began back in 2009 against South Korea’s military tactics with the U.S. advised experts. McAfee, researched the malware tie to a hacker group known as the New Romanic Cyber Army Team. The team has not been located as government computers are becoming the steady target for military secrets.
Cyber security experts working for McAfee dubbed the hack attack as “Operation Troy” since the words appeared consistently throughout lines of codes. Earlier this year in March the hackers attacked South Korea corporations, knocking down connectivity, and wiping hard-drives. The reach expanded into the U.S. where businesses and government agencies reported a consecutive outage.
The calling cards of the March attack included taunts of pictures including skulls and an emblazoned banner of the hacker group name. McAfee points to these items as way to cover-up the malicious underlying tactic of spying.
The hackers have stepped up the sending of malicious code to military computers. The code varies from the original code, and is looking to phish information from secured workstations. The hackers present themselves as a trusted entity on the computers, as members and employees type in accessible login’s and passwords.
Ryan Sherstobitoff, is a senior threat researcher who works for McAfee, and describes to CBS News the attacks are points of reconnaissance, he was quoted “These included names of individuals, base locations, weapons systems and assets.”
South Korea states the information could not be gleaned from their systems during the time of attack, as they were off network. Sherstobitoff advised even in closed networks, with the proper planning and configuration, access to infiltrate the internal servers can be done.
Both South Korea and U.S. experts are turning to North Korea for the blame. The reasons stand behind the code itself.
One of the passwords used to gain access to encrypted files was used repeatedly and that password addition was the number 38. U.S. cyberattacks experts point to the divide of the Korea’s on the 38th parallel, a compelling point when it comes to distributing blame.
In addition, North Korean leader Kim Jong Un has streamlined and increased technology within the country. He has devoted a substantial amount of reserves to developing the increased use and grasp of science technology.
Military keywords were included in the seeking code for the group of hackers. Once the documents or software was located with the keyword information, it was encrypted and delivered directly to the servers of the hackers.
North Korea has maintained their innocence, advising they too were attacked, but no proof has yet been uncovered from the claim. McAfee has posted a white paper on their site, advising of the research behind Operation Troy.
Written By: Angelina Bouc