During the Lunar New Year holidays, the homepages of 12 domestic academic institutions were attacked in droves, and it has been revealed that a Chinese hacking organization was responsible.

Movements of them approaching to attack our government or related organizations have also been captured.

Is it because of dissatisfaction with Korea's public policy?

12 academic institutions hacked

The Korea Construction Policy Institute, a public institution, was hacked on its website on the 21st during the Lunar New Year holiday, which is believed to be the work of a Chinese hacking organization.

On the website of the Korea Construction Policy Institute, which was hacked, the English word for 'Cyber ​​Security Team' and the simplified Chinese logo for Xiaoqiying (晓骑营, which means cavalry of dawn) were displayed along with the words "We will continue to work on Korean public and government networks." will be hacked".

Now it says "Cannot connect to this page".

Enlarge Image

The Korea Internet & Security Agency (KISA) has been busy, and through a security notice, "a hacker organization presumed to be from China has hacked the Construction Policy Institute and leaked internal researcher information" As stated, security officers at each institution must take preemptive measures, such as strengthening monitoring."

In addition, a monitoring system was operated centering on the Internet Infringement Response Center of the Korea Internet & Security Agency. After the hacking of the Korea Construction Policy Institute, 11 additional sites are identified as having suffered from hacking.

The websites of these organizations are not accessible.

It just says "We can't connect to this page".

The remaining 11 are Korean Language Society, Korean Archaeological Society, Korean Parents Association, Korea National University of Education Research Institute for Early Childhood Education, Korean Society of Basic Medicine, Korean Social Studies Teaching Society, Korean Society of East-West Psychiatry, Korean Society for Cleft Lip and Palate, Korea Association for Blind Education and Rehabilitation, Jeju National University Educational Science Research Institute, Korea Educational Principles Society.

They are academic institutions that have one thing in common.

Enlarge Image

It is said that the Korea Internet & Security Agency is figuring out whether there are more institutions that have suffered additional damage.

Personal information of 161 people, including police officers, was also leaked

The Chinese hacker group, which is believed to have attacked the homepage of an academic institution in Korea, is believed to have leaked personal information of Korean citizens, including prosecutors and police officers.

Enlarge Image

It is unclear whether this information was hacked and distributed.

It is said that the security authorities are analyzing the details of the leak, and it is said that the personal information of our citizens was leaked before the hacking of the homepage of an academic institution.

It was earlier this month that the hacking group 'Xiao Qi-ying' exposed personal information. The affiliation, name, ID and password, and mobile phone number of 161 people working for domestic companies and institutions in the open source (free software) community 'Github' It is said that he posted specific personal information such as work phone number, work and home address.

It is said that many e-mail addresses belonging to companies such as POSCO, Samsung Electro-Mechanics, LG Electronics, Hyundai Steel, and Kumho Tires as well as government agencies such as the Ministry of Food and Drug Safety, National Institute of Scientific Investigation, and Defense Science Research Institute were included.

In particular, it is said that the information of prosecutors and police officers and the personal information of the spouse of the current government minister are also included.

It is necessary to check how the leaked personal information is related to this hacking.

The government "seems to have a lot of intentions for showing off"

The government understands that there is no actual damage caused by Chinese hacking groups leaking our personal information and hacking academic institutions.

However, it is believed that the reason for the hacking is to attract attention and create tension by intensively attacking sites with relatively weak security during the Lunar New Year holiday.

If you look at the exaggerated goals, such as hacking the websites of 2,000 government agencies, you can see that the intention of 'three shows off' is quite strong.

An official from the Ministry of Science and ICT said to a reporter from Yonhap News, "Most of the academic societies where the hacking (web alteration) took place are small non-profit corporations, and it seems that security management was neglected. It seems," he said.

An official from the domestic security industry also said, “We need to find out more about whether the Chinese hacking organization is a cyber disturbance or a fake (attack).” It seems to be a goal to make people nervous.”

'Xiao Qi-ying' wrapped in a veil...

Dissatisfaction with Korea?

Hacked sites are identified as organizations with less security.

The Daehan Construction Policy Institute, which was attacked on the 21st, was said to have stolen the name and contact information of its employees.

However, it is too early to evaluate the level of Xiao Qi-ying, but the hacking level and identity of Xiao Qi-ying are shrouded in a veil.

The name is said to be the name of a military organization during the Qin Dynasty in China, and since 2021 it has been known a lot while conducting cyber attacks around the world.

Enlarge Image