Learn about the enemy - How to profile national APT hacking group

Presented at TROOPERS16 (2016), March 16, 2016, 4 p.m. (Unknown duration).

Every year, so many hacking incidents and cyber terrors happen in the South Korea. So, KrCERT/CC has analysis and profile about 500~1,000 incidents in every year. Among those incidents, there is some of attacks and cyber terrors to government agency and media, broadcasting services, power plant, banking by other country organization(Suspicious of the North Korean cyber warfare activity). They have been use malwares and attack methods made by same organization for some years, I think that organization is enemy for cyber warfare.

This presentation will inform the North Korean cyber warfare organizations and there activity. And, it will show you that analysis result of malware and attack method, similarity by North Korean cyber warfare organizations. You will be able to learn about malwares and attack method in different incidents by them has something in common.


Presenters:

  • Jinwook Chung
    Jinwook Chung is working at POC SECURITY as senior researcher. He is interested in hacking technics, new attack surface, real world hacking. He used to one of leaders in South Korean underground hacker group. He has been a organizer of POC conference and the Belluminar(CTF of POC conference) since 2006. Nowdays he studying North Korean hacking activities and OS X vulnerabilities.
  • Moonbeom Park
    Moonbeom, he is a deputy general researcher in TTPA(Trusted Third Party Agency) of Korea, has 10 years of experience in hacking analysis, digital forensic, research on hacking and forensic for IoT device, profiling hacking source. He is one of experts among government and private sector in fields of forensic, hacking analysis, hacker profiling, counter-attack on hackers. Also he has participated in various international security conference such as TROOPERS16, Hack In The Box, HITCON, Ekoparty, VXCON and RedPill.

Links:

Similar Presentations: