With the increasing occurrence of cyber attacks, it is imperative for businesses to redefine their security strategy, notes Trend Micro Incorporated.
The leading global security company detected multiple cyber attacks on South Korean banking corporations and media agencies which recently paralysed their computer networks, therefore disrupting business operations, ATMs, online banking and TV broadcast.
This was how the attack happened:
- Spear-phishing emails were used to penetrate and compromise initial systems within the organisations
- Attackers hacked and loaded viruses onto public websites they suspect attractive targets will visit.
- Visitors to these compromised websites were then connected to offfshore websites where malicious Trojan program, known as TROJ_KILLMBR.SM, was installed.
- The Trojan program overwrites the Master Boot Record (MBR), which contains necessary information for any operating systems to boot correct, thus paralysing system and business operations.
- The MBR is wiped to makes investigation and recovery of these infected systems more difficult.
As two of Trend Micro’s threat discovery solutions detected and reported malicious traffic and messages sent to two of its customers, it was able to protect its customers from this attack.
For the last several years, Trend Micro has predicted a significant increase in cyber attacks, and has been working with its customers and partners in the region to provide custom defence.
Sign up for MIS Asia eNewsletters.