Was North Korea behind disruptive cyberattack on multiple US newspapers?

midian182

In brief: A number of major US newspapers had their printing and delivery processes disrupted yesterday after they were hit with a cyberattack. It’s been reported that the attack originated from outside the United States, with some implicating the North Korea-backed Lazarus Group.

The Los Angeles Times, Chicago Tribune, Baltimore Sun and other titles belonging to Tribune Publishing suffered distribution delays on Saturday after the company detected the malware a day earlier.

Papers that share the same production platform in LA, including the west coast editions of the Wall Street Journal and New York Times, were also hit.

"We believe the intention of the attack was to disable infrastructure, more specifically servers, as opposed to looking to steal information," a source told the LA Times.

A Tribune Publishing spokeswoman, Marisa Kollias, said the malware affected back-office systems used to publish and produce "newspapers across our properties."

“There is no evidence that customer credit card information or personally identifiable information has been compromised,” she said.

In an internal memo, Tribune CEO Justin Dearborn said “workarounds” were created in order to print the affected papers’ Saturday editions.

While the publications' websites weren’t affected, customer service phone lines and time card systems were offline for some time.

Forbes reports that the malware Tribune Publishing discovered was a version of the Ryuk ransomware family, which is often attributed to the Lazarus Group. The hacking collective is thought to operate out of China but has links to North Korea. It was behind the 2014 Sony Pictures Hack, the heist on a Bangladeshi bank in 2016, and is widely believed to have been responsible for the WannaCry malware.

The Department of Homeland Security is investigating the matter. “We are aware of reports of a potential cyber incident affecting several news outlets and are working with our government and industry partners to better understand the situation,” said a DHS official in a statement.


 
Hmmm... Malware, eh?
Of course it's North Korea, China, Russia or whatever alias you set for the word 'porn'. ;-)

Actually, these penetrations are usually achieved first by a little social engineering that garners the hacker some contact info such as email addresses. Then they phish with a malware payload attached. Sadly, most security programs aren't very good at screening out unique attack sources. You pretty much have to whitelist your entire contact list, although if a contact is compromised you're virtually wide open. What amazes me is that known malware variants are still getting through last-layer security. Either that or the workstations are relying totally on edge defense, which is usually the mark of a cheapskate company.
 
Hmmm... Malware, eh?
Of course it's North Korea, China, Russia or whatever alias you set for the word 'porn'. ;-)

Actually, these penetrations are usually achieved first by a little social engineering that garners the hacker some contact info such as email addresses. Then they phish with a malware payload attached.
The emails come as - "aimless" - mass-mails most of the time. And what is the typical lure/bait/decoy? Right, porn. ;-)
 
I have my doubts it was N. Korea simply because there was no financial gain to them. N. Korea is so financially strapped their main concentration is money and any way/place they can get it. China or Russia could also be involved because of their constant testing of US limits although Russia seems to have a more obvious coding that makes it easier to determine. If it was a free speech issue I would have expected it to have been more organized and more widely targeted ..... of course this could have simply been a test before the main event!
 
"Papers that share the same production platform in LA, including the west coast editions of the Wall Street Journal and New York Times, were also hit."
Only them? Wow, that's small. Either that or everyone else is too dumb to notice the malware.
 
I honestly don't care who it was. With our government's closed door policies, why should I care? If they want me to care they can offer more transparency. As it stands they don't want anyone outside those doors caring. Whether it is true or false, it is all propaganda. We can't trust anything because of the closed doors.
 
The emails come as - "aimless" - mass-mails most of the time. And what is the typical lure/bait/decoy? Right, porn. ;-)
The irony here is, (but of course I'm not speaking from first hand knowledge), is that almost all of the porn sharing servers are as clean as a whistle.
A friend says his AV keeps flagging only one, "Oboom", for infection.

Another friend ran into, "the FBI has locked your computer for child porn", at one of the sharing servers. She said her Firefox "NoScript" rendered it completely harmless, but the scam/ransomware was taken down within a couple of hours anyway.

My point is, that if porn is the lure, the people victimized by malware in that way, must be hard up, naive, stupid, completely lacking in experience, or a combination of all of the foregoing. :rolleyes:

As a sort of reality check, I'd actually hope it was our NSA doing these hacks, and blaming on North Korea. Not in the sense of trying to start a war, but as a testing means to determine the penetrability of our valuable infrastructures.

It's the sort of testing that has to be done on the sly, since nobody is going to open porn emails, while an IT security analyst is walking around checking the systems.
 
...The irony here is, (but of course I'm not speaking from first hand knowledge), is that almost all of the porn sharing servers are as clean as a whistle. ...
Agreed, but the mails are typically set up to fool the idi0t into believing that he's getting "the forbidden fruit". That is, they make it look as if it's a misguided email sent to a lover. This isn't really any more clever than the old Nigerian heredity, but it's enough to get a certain percentage to go for the "picture". These idi0ts usually think it this way: "Where's the harm in taking a little peek at that picture? Anyhow, nobody's gonna know. I was so lucky that this mistake ended up in MY inbox! Why waste this little opportunity?"
 
Agreed, but the mails are typically set up to fool the idi0t into believing that he's getting "the forbidden fruit".
About those "fruit trees": you turn them upside down and the roots look pretty much alike. Speaking for myself, as often as not, fruit trees look better in the summer with their leaves on. None of that blatant double entendre withstanding, I suppose there are two possibilities. The first being the worker is goofing off with the work computer as though it was their personal cell phone. The second, (and the more unlikely), is the worker is genuinely overstressed, and opening that email, was an honest mistake.

The reality is that throughout the years, people have gotten their education about sex and malware, piecemeal, and mostly from their peers. It really should be drilled into their heads with on the job training. No matter how solid their qualifications and credentials are for the job they're assigned, they could always use, at the very least, a refresher course.

In truth though, I'd be willing to bet that the percentage or hours of actual work expected from an employee has dropped dramatically. Once upon a time, when I had a pet dinosaur, 5 1/2 hours against 8 on the clock, was about the norm. With the advent of the web, and smart phones, I'd hazard a guess it's probably closer to 4 out of 8 nowadays. (Obviously this attaches to mostly white collar employees with access to the web).

At the other end of the spectrum, I'd rather have one good trash man on the street, than a mayor and two city councilmen.

Forgive me, I run on at times.
 
... The second, (and the more unlikely), is the worker is genuinely overstressed, and opening that email, was an honest mistake.
...
In truth though, I'd be willing to bet that the percentage or hours of actual work expected from an employee has dropped dramatically. Once upon a time, when I had a pet dinosaur, 5 1/2 hours against 8 on the clock, was about the norm. With the advent of the web, and smart phones, I'd hazard a guess it's probably closer to 4 out of 8 nowadays. (Obviously this attaches to mostly white collar employees with access to the web).
...
Forgive me, I run on at times.
The first is unlikely, as this almost always involves clicking away several warnings (and thereby executing something).
From what I remember, people work a lot harder than they used to (not necessarily physically). People used to have MUCH more time for each other in the past. This is often being depicted the wrong way around. Of course, if you look at the numbers (50+ hours/week vs 38, etc.) then the case seems to be clear. In reality, however, work (and life) has become A LOT more stressful.

NP, nice discussing with you. :)
 
My bet is that it was some 12 year old kid in Ohio playing with his new VPN client and hot new apps. It doesn't take the backing of a foreign country to hack a system, just asking the right person for the name and password usually does the trick.
 