"While it is impossible to prove whether the hackers proof accidentally or deliberately left behind, it can not completely hide their tracks also mean that North Korea wanted it known," said Choi Sang-myung, advisor to the South Korean cyberwarfare commands. The theory is supported by Jang Jin-sung, a former officer of a North Korean propaganda unit.
He argues that North Korean hackers have an incentive to leave evidence behind, because successful attacks against the enemy will be rewarded with promotions. "People compete fiercely to prove their loyalty. They must leave behind evidence that they have done it," Jin-sung says.
In an attack on South Korean television companies and banks in 2013 would have been visible a short time a North Korean IP address, because the Chinese servers that were used as a proxy temporarily not working. According to security expert Richard Bejtlich let this story shows that technical features are just one part of the grant of an attack. "There should therefore be taken into account not only national but also personal incentives to solve the attribution question," he notes.
No comments:
Post a Comment