In a recent audit conducted by the Ministry of Public Administration and Security in South Korea, it was discovered that two government servers in the city of Daejeon were infected with crypto mining malware. This alarming revelation highlights the growing threat posed by malicious actors targeting government institutions for their own financial gain.
During the biannual audit, conducted in June last year, the auditors uncovered a series of cyber breaches on the city’s servers. One of the compromised servers was found to have been infected with mining malware, while the other had been used as a hacking transit point. These vulnerabilities allowed attackers to further propagate their malicious code throughout the network.
The auditors pointed out that a lack of additional security measures had enabled hackers to operate with impunity. The city had failed to implement secure administrator account password protection, leaving sensitive information vulnerable to exploitation. Furthermore, nearly one-fifth of the city’s information system server devices had not undergone the necessary annual diagnostic checks, exacerbating the risk of cyberattacks.
Despite the shortcomings in security measures, the Daejeon City cyber response team demonstrated quick action in detecting abnormal activities within eight days. They promptly quarantined the network and identified the presence of the malicious code. The team reported the incident to the National Intelligence Service (NIS), South Korea’s top intelligence agency responsible for handling breaches of public data.
The audit highlighted the importance of implementing robust security measures to protect government servers from crypto mining malware attacks. It emphasized the need for secure administrator account password protection and regular diagnostic checks on information system server devices. The Ministry of Public Administration and Security has instructed the Daejeon Mayoral Office to thoroughly address these issues to prevent similar incidents in the future.
Unfortunately, this incident is not the first of its kind in South Korea. In 2021, citizens in Seoul were shocked to discover that a government employee had been using city-provided energy to mine Ethereum (ETH) underneath the country’s most prestigious opera house. This case underscores the need for increased vigilance and stricter monitoring of government infrastructure.
The presence of crypto mining malware on government servers poses a significant threat to national security and public data. This incident in Daejeon serves as a wake-up call for government institutions worldwide to strengthen their cybersecurity measures. By implementing stringent password protection protocols, conducting regular diagnostic checks, and prioritizing swift detection and response, governments can better safeguard against the rising tide of crypto mining malware. Only through proactive measures and continuous vigilance can we mitigate the risks associated with this evolving form of cyber threat.