Search This Blog

Showing posts with label South Korea. Show all posts

South Korea And Taiwan: McDonald Hit by a Data Breach

 

After unauthenticated activity on their system, the personal data of some consumers in South Korea and Taiwan were disclosed as McDonald's became the latest data breach affected firm. 

The attackers have obtained e-mails, telephone numbers, and delivery details, but consumer payment information was not included in the breach, the company claimed. On Friday, McDonald's also said that the event was swiftly recognized and managed as a comprehensive study was undertaken. 

The investigation discovered that the information from companies was breached in countries namely the U.S., South Korea, and Taiwan. 

McDonald's said the failure revealed certain corporate contact information for the US staff and franchisees and some information about locations such as seating capacity and the square footage of play areas in a message to U.S. employees. No customer information has been infringed in the US and the information regarding the employees in the United States that was exposed was not sensitive. The corporation urged employees and franchisees to keep an eye on phishing e-mails and request information from them. 

McDonald's said attackers obtained emails of consumers in South Korea and Taiwan along with their shipping numbers and addresses. McDonald's reported that hackers also took staff information of customers from Taiwan, particularly their names and contact information.

The F&B chain has indicated that its South Korea and Taiwan businesses have notified Asian regulators of the infringement and would also contact clients and staff. The officials said that its departments would also communicate probable unlawful access to the data to some South African and Russian staff. These countries were also flagged by the investigation. 

McDonald's asserted that the businesses at its restaurants were not impacted by the infringement and that there was no ransomware attack in which hackers asked for ransom to return data and transactions control to enterprises. McDonald's has declared that no ransom has been requested nor have they paid the hackers. 

McDonald's noted that its cybersecurity defense investment has expanded in recent years and that these mechanisms have helped them respond to the recent incident. Shortly after the breach was detected, the corporation announced it would shut hackers' access to data off. 

“McDonald’s will leverage the findings from the investigation as well as input from security resources to identify ways to further enhance our existing security measures,” the company said.

South Korea Under Major Cyber Attacks in Pandemic Era

 

As per Ciso, ransomware attacks have proliferated in South Korea over the last year, impacting hospitals and shopping malls as the coronavirus pandemic has increased Internet usage. 

A major plastic surgery clinic in southern Seoul disclosed on Thursday that its servers had been the target of a ransomware attack on its website. Personal data about their patients seem to have been obtained by the hackers. This is the most recent in a string of ransomware assaults recorded in the city.

According to the Ministry of Science and ICT, the number of ransomware assaults reported in the country increased by more than thrice to 127 last year, up from 39 in 2019. According to the Yonhap news agency, there have been around 65 cases so far this year. A wide spectrum of businesses has been attacked by ransomware attacks. 

Last month, Super Hero's operations were interrupted for hours due to a ransomware attack that affected 15,000 delivery employees around the world. Hackers broke into the local fashion and retail behemoth E-Land Group last November, forcing the shutdown of 23 of its 50 NC Department Store and NewCore outlet sites. 

Cyber-attacks have increased in both number and profile as the epidemic has led to more Internet usage. According to Kim Seung-joo, a cybersecurity specialist at Korea University, ransomware assaults might pose more problems than just destroying a company's complete work system because enterprises are relying more on remote work during the epidemic. 

As an outcome, a growing number of companies are paying the ransom. This technique supports the spread of ransomware. It's a vicious circle, Kim said, urging more investment in cybersecurity to avoid the crisis in the first place. 

Regrettably, the attacks appear to be part of a bigger global pattern. The hack of Colonial Pipeline, a major oil pipeline operator in the United States, was a notable recent incident. The corporation was compelled to pay a $4.4 million ransom. 

As ransomware assaults continue in South Korea, the ICT ministry established a 24-hour monitoring team last month to help businesses harmed by the attacks. Companies that have been targeted by the attacks are currently receiving assistance from the government, including the restoration of their systems.

South Korea Fines Facebook For Sharing Data Without User Consent


South Korea fines social networking giant Facebook for 6.7 billion Won (around $6 million) for sharing user data without their consent. According to PIPC (Personal Information Protection Commission), Facebook has a total userbase of around 18 million users in South Korea. It says FB shared user data of 3.3 million users to third-party companies without user consent. The incident happened from May 2012 to June 2018. Also, PIPC says that it will charge a criminal complaint against the company for violating "personal information laws." 

The shared information includes user names, academic background, work profile, relationship status, and home addresses. The users logged into other third-party apps using their FB credentials but without giving any permission to access personal information. Nonetheless, FB shared its data with the third-party apps the users were using. 

The issue came to notice when a FB user shared their data with a service while logging in with the FB account, but the user's friends didn't, however, unaware that their FB data was also shared. Following the incident, these third-party apps used Facebook's provided information to show customized ads on social media users' profiles. 

According to PIPC, with no user permission, Facebook provided user data to third-party companies and made monetary profits. PIPC also charges FB to store login credentials (with no encryption) without user knowledge and not notify the users while accessing their data. Besides this, it claims that Facebook presented fake and incomplete documents while the legal investigation was ongoing, instead of providing the real documents. 

It affected the inquiry's credibility and caused difficulties in assessing FB's clear violations of rules and laws. For this misdoing, FB was charged for an extra 66 million won. 

The company Facebook, however, claims that it provided full cooperation during PIPC's investigation. FB find PIPC's complaint regrettable; however, it will respond after the commission takes its final decision. 

"The investigation against the US tech giant started in 2018 by the Korea Communication Commission, the country's telecommunication regulator, in the wake of the Cambridge Analytica scandal. The regulator handed the case to PIPC," reports ZDNet.

United States Charged Six Russian Intelligence Officers with Involvement in An Unrestricted Huge Hacking Campaign

 


With involvement in an 'unrestricted huge hacking campaign', which incorporates the famous Petya ransomware attacks which have focused mainly on Ukraine in 2015, as of late, the Justice Department has charged six Russian intelligence officers. 

Residents and nationals of the Russian Federation (Russia)the six officials were also in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces.

 

The government claimed that the group that had attacked Ukraine has likewise hacked different computers promoting the 2018 Winter Olympics in South Korea. It likewise hacked and leaked emails of people related to Emmanuel Macron's 2017 campaign for president of France. 

Besides this, they additionally focused on the companies exploring the poisoning of former Russian operative Sergei Skripal two years ago in Britain. 

All the six hackers are GRU officers; the government said that for over two years, they had battled tirelessly to recognize these Russian GRU Officials who interweaved in a global campaign of hacking, disruption, and destabilization, representing the most dangerous and destructive cyber-attacks ever.

The GRU burrowed into three electrical administration systems and cluttered circuit breakers remotely, it was one of the first cyber-attacks and had a cyber firm that consistently focused on critical infrastructure.

The authorities had at first scrutinized and reprimanded North Korea for the strike yet later found that the GRU utilized North Korean hacking tools to throw off the experts. 

That is the motivation behind why the special agent of FBI Michael Christman insisted that the warrant is the result of over two years of strong investigation by the FBI, a position that was kept up by an agent who worked the case.

Here are the names and the acts done by the hackers referenced below: -

 

The FBI has regularly indicated that Russia is very equipped for a cybersecurity adversary, and the information uncovered in this statement shows how omnipresent and harming Russia's cyber activities are. 

While Russia is probably not going to capture the detainees, it is unlikely that they will attain any trial too.

The Worldwide Pandemic Prompts Technology Giant Samsung to Embrace Electronic Voting


There is no denying the fact that the rise of COVID-19 has taken the world by storm yet it’s very astounding that the technology sector also has been affected to a critical degree. Technology giant Samsung Electronics has thus embraced electronic voting in favor of the first run through ever during this year's annual general meeting (AGM) on March 18, asking shareholders to utilize it to help check the spread of the worldwide pandemic coronavirus. 

Samsung's investor relations website on Monday encouraged shareholders to take the opportunity to cast a ballot via the internet up to March 17. This is on the grounds that the company directed a 1-to-50 stock split in 2018, prompting a huge increment in the shareholders numbers. 

Samsung's AGM is said to be held at a convention hall in Suwon, around 30 km (18 miles) south of Seoul, with a capacity of around 3,000 people as per reports by the centre's website Samsung explicitly called for electronic voting by shareholders with manifestations, or who have visited locales with high-risk districts, or who are identified as high-risk, for instance, pregnant women and those aged 65 or above. Reflecting guidance from the "Korea Centers for Disease Control and Prevention Guidance". 

The shareholders' gathering is said to be furnished with thermal cameras and contactless thermometers, and those with fever or cough symptoms might be restricted from entering. 
Those with a fever at the scene will be coordinated to an area away from the main hall, the website informs. 

In what is the second-biggest outbreak in Asia after China, South Korea announced 74 new COVID-19 infections on Monday, bringing the nation's aggregate to 8,236 and hence such precautions are a must.

More than 300 hundred arrested in "dark web child abuse" sting!


Hundreds, around 338 people have been arrested in the worldwide sting of "largest dark web child porn marketplaces", investigators said.

The now seized English website, "Welcome to Video" hosted 2,00,000 videos showing illegal acts committed to children, which were downloaded more than a million times. The site had eight terabytes of data containing gruesome acts being done to infants, toddlers and children.

The site's owner Jong Woo Son, 23, from Korea is currently in prison, serving a sentence of 18 months. Unites States officials have unsealed nine allegations against him.

"You may try to hide behind technology but, we will find you and arrest you and prosecute you." Jessie Liu, the US attorney for the District of Columbia said in a press conference.

The site was shut down a year ago in March by US authorities, but on Wednesday officials said 338 users have been arrested from 38 countries including UK, Ireland, US, South Korea, Germany, Spain, Saudi Arabia, the United Arab Emirates, the Czech Republic and Canada.
The site also used a Bitcoin based marketplace with at least 7,300 transaction worth about 730,000 dollars. UK's National Crime Agency said "The site was one of the first to offer sickening videos for sale using the cryptocurrency bitcoin. "

The arrest was  result of a three years of hunt by National Crime Agency of Britain, and task forces from UK, US, South Korea and Germany. The officials first came across the website while investigating one of UK's worst child sex offender and paedophile, geophysicist Dr Matthew Falder in 2017. Fadler, admitted to 137 offenses and is serving a 25 years sentence for sharing images and abusive videos on the dark web. Then in March, 2018 officials went to South Korea to take down the website's server and to arrest Jong Woo Son, the owner of the site.

The officials were able to arrest many suspects by tracing the cryptocurrency transactions. Seven men from the UK and five from America have already been convicted of the investigation. One of them being, Kyle Fox another child offender already in jail for raping a five-year-old boy and sexually abused a three-year-old girl.
“The scale of this crime is eye-popping and sickening,” said John Fort, the chief of IRS criminal investigations. The task force was able to rescue 23 children from a state of constant abuse.

LTE vulnerabilities could allow eavesdroping


There are new vulnerabilities discovered with the 4G network used by smartphones. South Korean researchers discovered 36 new flaws using a technique called 'fuzzing'.

It turns out that our mobile networks may not be the safest. As LTE gets ready to make way for 5G, researchers have discovered several flaws in the Long-Term Evolution (LTE) standard, which could allow an attacker to intercept data traffic or spoof SMS messages.

The 4G LTE standard has vulnerabilities that could allow a hacker to intercept data that is being transferred on the networks. Although there has been plenty of research about LTE security vulnerabilities published in the past,  what's different about this particular study is the scale of the flaws identified and the way in which the researchers found them.

Researchers at the Korea Advanced Institute of Science and Technology Constitution (KAIST) have discovered 51 vulnerabilities with the 4G LTE standard—this includes 15 known issues and 36 new and previously undiscovered flaws with the standard.

LTE, although commonly marketed as 4G LTE, isn’t technically 4G. LTE is widely used around the world and often marketed as 4G. LTE can be more accurately described as 3.95G.

Given the widespread use of LTE, the latest findings have massive implications and clearly show wireless networks that consumers often take for granted aren't foolproof.

In their research paper [PDF], the researchers claim to have found vulnerabilities enabling attackers to eavesdrop and access user data traffic, distribute spoofed text messages, interrupt communications between base station and phones, block calls, disconnect users from the network and also access as well as manipulate data that is being transferred. The researchers are planning to present these at the IEEE Symposium on Security and Privacy in May.

“LTEFuzz successfully identified 15 previously disclosed vulnerabilities and 36 new vulnerabilities in design and implementation among the differ- ent carriers and device vendors. The findings were categorized into five vulnerability types. We also demonstrated several attacks that can be used for denying various LTE services, sending phishing messages, and eavesdropping/manipulating data traffic. We performed root cause analysis of the identified problems by reviewing the related standard and interviewing collaborators of the carriers,” said the researchers in the report.

1,600 Motel Guests Were Secretly Streamed Live






South Korea has arrested four men accused of online streaming of the “intimate private activities” of 1600 hotel rooms.

The men allegedly installed mini cameras in TVs, hair-dryer holders, and sockets, to record all the private activities which were sold on online platforms for up to $6,200.

If the allegations proved right, then they could face jail up to 10 years and a  30m won ($26,571; £20,175) fine.

The men created a website in November, where they allowed users to pay for full videos or watch 30-second clips for free. They reportedly posted 803 videos and earned money from 97 paying members before the website was taken down.

"The police agency strictly deals with criminals who post and share illegal videos as they severely harm human dignity," a spokesman for the Seoul Metropolitan Police Agency told the local newspaper the Korea Herald.

The recent incident has sparked a nationwide protest against the filming of sex and nudity as the number of such incidences have increased many folds.

"There was a similar case in the past where illegal cameras were (secretly installed) and were consistently and secretly watched, but this is the first time the police caught where videos were broadcast live on the internet," police said.