It was found that a Chinese hacker group, which had recently announced the hacking of 2,000 Korean government agencies, additionally attacked 11 homepages of domestic academic institutions. Including the Korea Construction Policy Institute, which was hacked during the Lunar New Year holiday, there are 12 damaged institutions.
According to the security industry on the 25th, the Chinese hacker organization is currently △Korean Academy of Language Studies △Korean Archeology Society △Korean Parents Association △Korea National University of Education Institute for Early Childhood Education △Korean Society for Basic Health Medicine, Korean Society of Social Studies Teaching △Korea Society of East-West Psychiatry △Korean Society for Cleft Lip and Palate. It was also confirmed that 11 websites were hacked, including the Korea Society for Education and Rehabilitation for the Blind, the Jeju National University Education Science Research Institute, and the Korean Society for Educational Principles.
Currently, some websites, such as the Korean Parents Association, are still exposed with the hacking organization’s logo and the message ‘Declare Korea’s Internet Invasion’.
If we add the case of the Daehan Construction Policy Institute, which was attacked on the 22nd, a total of 12 institutions were damaged. The attack they received is ‘D-Face’ hacking that falsifies the homepage.
The security industry sees the name of this attacker as ‘Xiao Qi-ying’. On the 21st at around 10:07 am, they announced a large-scale hacking of domestic government agencies on the Telegram channel. In addition, around 10:30 pm the previous day, the Internet addresses (URLs) of a total of 11 academic institutions were posted and the attack was foretold.
At around 3:30 a.m. on the same day, the hacker also announced the hacking of KISA, saying, “The next target is KISA.”
Meanwhile, the Ministry of Science and ICT is also responding to this attack. Minister of Science and ICT Lee Jong-ho visited the KISA Internet Infringement Response Center the day before and urgently checked the cyber attack response status and emergency response system.
On the official website from the 22nd, KISA said, “As we are concerned about additional attacks by unknown Chinese hacker organizations, the person in charge of each company needs to take precautions such as strengthening website monitoring and maintaining a contact system for maintenance and consignment companies. It guides you to do it.