회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

Notice

Title Date
CEO Interview: Mr.Han, Seung-chul (NPCore)
NPCore will start 2019 as a strategy to strengthen its recognition as an APT defense specialist and further expand its position in the EDR and SECaaS markets. In addition, the company plans to expand to the Southeast Asian market based on domestic reference, and acquire international CC certification to make a full-fledged entry into the US procurement market. The following is the contents of the question and answer with Mr. Han, Seung-chul. thumb-3416275915_yHLlfh8S_ED959CEC8AB9ECB2A0_EB8C80ED919C_28EC9794ED94BCECBD94EC96B429_600x406Q. What is the greatest achievement in 2018? -A: In Korea, we won some large-scale anti-APT system construction projects from public institutions. As a representative example, a public institution has built a new network, introducing NPCore's anti-APT solution to external network, e-mail, and PC. Additionally, NPCore provided this institution with the control tower that can centrally monitor and manage all these solutions.  The cornerstone in overseas business is that exports exceeded 1 million dollars. We expect to see a rise in overseas sales in 2019 further more. Q. What is the flagship solution in 2019? -A:  Our flagship solution is 'ZombieZERO EDR'. Existing signature-based security solutions, such as anti-virus, are unable to respond to new and variant malware and Ransomware such as WannaCry or Pettya. In addition, traditional sandboxing techniques are also vulnerable to attacks using virtual machine bypassing malware, variant Ransomware, and SSL. To overcome these limitations, EDR (Endpoint Detection & Response) technology is becoming more important. The IOC (Indicators of Compromise) method is a post-coping method that collects traces of malware that have already been infiltrated and analyzes the patterns in the analysis system. On the other hand, NPCore's EDR responds immediately to malware before infection via execution-holding function. It also minimizes the impact of existing systems on agent operation and does not use techniques such as hooking and dll injection which are highly likely to collide. In addition, for some foreign products, the virtual analysis environment has become standardized, on the other hand, NPCore's EDR configures a virtual environment with applications that is mainly used in the local area, so its detection rate is high. Q. What are the prospects for the security market in 2019? -A: As the APT and Ransomware damages increase year by year, we expect the security market to grow in 2019. In addition, the market has been expanding from the form of purchasing and using security products to the form of easy to use security services (SECaaS -Security as a Service). Q. What is your strategy for 2019? -A: In addition to strengthening awareness and positioning as an APT specialty brand, we have established a strategy to expand our target market to the EDR and SECaaS markets. In addition, the company plans to expand its brand awareness and local network in Southeast Asia market and to advance into the US procurement market after acquiring international CC certification based on the reference delivered to domestic leading organizations. Q. What do you want to tell public or corporate security practitioners? -A: I think that there are quite a lot of people who have the idea of "I do not think our organization will become a target" even though I encountered frequent hacking incidents. This 'lack of awareness of cybersecurity' becomes the biggest vulnerability, causing hackers to take an intelligent approach and repeat the vicious cycle of finding solutions after the damage. It is time to introduce a security system that can prevent intelligent continuous attacks in advance.NPCore has developed APT-compatible solutions with its own technology and has continuously updated its products and services over the last 10 years in response to security trend changes and customer needs. We will always do our best to provide solutions that customers feel comfortable every day, and solutions that can be relieved by unexpected cyber attacks. *Original Article(KR): https://www.dailysecu.com/?mod=news&act=articleView&idxno=44610
2019.01.25

i-Web was infected by Ransomware damaging thousands of web sites

Author
admin
Date
2018-09-27 14:57
Views
424
The following is an English version of the " 아이웹 랜섬웨어 감염 사태로 수천여개 웹사이트 피해 (i-Web was infected by Ransomware damaging thousands of web sites)" written by Boaanews reporter Kyoung-Ae Kim.

*Original article link: https://www.boannews.com/media/view.asp?idx=73260&kind=0

[Boannews Reporter Kyoung-Ae Kim] i-Web, a website maker that provides a free website builder, was attacked by Ransomware during the Chuseok holiday. The i-Web builder database (DB) server was encrypted and more than a thousand websites have been damaged by Ransomware.


▲i-Web customer service board [image=-boannews]

According to boannews, it is known that the damage caused by Ransomware attack is 2,000 ~ 3,000 websites using the i-Web, and many of the Internet shopping malls including summer beach event site are occupied.

Until now, the server has been restored and operated normally, but the important data revealed on the i-Web has not been restored to the database so far. Also, in the explanation that the DB area revealed on the i-Web side is encrypted with the latest technology, the result of the report is confirmed that the encryption method is not the latest technology.

Ransomware attackers were reportedly threatening to pay 100 million won worth of coins for their money on the i-Web. It is believed that the purpose of the attacker was to crack the money by inducing the conflict with the i-Web side by attacking most of the small business people by encrypting the small web site, DB etc. stored in the server with the target of the i-Web Builder server. It is likely to be a strategy to lead negotiations by drawing customer protest, such as the case of the Internet hosting service provider Nayana.

It is reported that Cyber Security Bureau of the National Police Agency and the Korea Internet Development Agency (KISA) are currently under investigation for details such as whether Ransomware has been infected.