
“Tracking the evidence of NIS spyware”: Citizen Lab, the group tracking Hacking Team

NewsPro interviews Bill Marczak
Author: Lim Ji-hwan (임지환) Date: 2015-07-30 (Thu) 13:33:22

 

 

NewsPro, a site specializing in foreign press coverage, conducted a written interview with Bill Marczak, a researcher at Citizen Lab who had previously suggested that the South Korean government may have purchased Hacking Team spyware. The interview will be published in two parts.

According to OhmyNews, Bill Marczak said in an interview at the time that, based on Citizen Lab's research, a number of countries including South Korea were presumed to have purchased Hacking Team's spyware and were probably using it to monitor journalists and human rights activists.

In this interview, Bill Marczak answered questions about the TNI device that the NIS had asked Hacking Team about, and explained its capabilities in detail. He said that “everyone on a network the TNI is connected to can become a target.” He added that spyware injected using the TNI makes numerous spying activities possible, such as taking files without leaving a trace, eavesdropping, stealing passwords for online accounts, and turning on the webcam or microphone.

Asked whether it is possible to be protected from a TNI attack, he replied that “it is not easy for ordinary users to protect themselves, and detecting the TNI is also an extremely hard problem.” He said that once spyware capable of remote deletion has been removed, detection can be very difficult: it may be outright impossible, or it may require the help of an expert.

Asked how the NIS could use the hacking programs in connection with elections, he said, “We have seen Korean IP addresses in the spyware logs for operations that the NIS described in the leaked e-mails as ‘real targets’,” suggesting that real targets may exist.

Bill Marczak stressed that “we need to keep looking for and piecing together the evidence, ‘slowly but surely’, of how the NIS was using the spyware or the TNI and who they were targeting.”

 


▲ Screenshot from Bill Marczak's Twitter

 

 

The following is the full text of the written interview with Bill Marczak, as translated by NewsPro.

Translation supervised by: Im Ok (임옥)

Full text of the written interview with Bill Marczak, Part 1

 

We know an agent from the National Intelligence Service (NIS) in South Korea contacted Hacking Team to inquire about the TNI, or the Tactical Network Injector in 2014. In fact, the NIS received a TNI to test in April 2014 from Hacking Team, according to their email correspondence. We understand that the TNI can infect an entire Wi-Fi network and all users using the network once this device gets plugged into the ISP or Internet Service Provider:


 

1. Would you explain a little how the TNI works for our readers?


 

Bill: Sure. The TNI is a laptop that you can connect to a local area network (such as in a home, a hotel, a company, or a building), and hijack connections of people connected to that network. It works for either wired or wireless networks. For wired networks, you need special access to the network to use the TNI (maybe you need to go into a telecommunications closet or server room). For some wireless networks, you may not need any special access for the TNI.


 

Once the TNI is connected to the network, it can see the Internet traffic of everyone else connected to the network (for example, what websites they are visiting). If the internet traffic is not encrypted (e.g., not HTTPS), then the TNI can see the web content. The TNI can target everyone on the network, or it can target specific people on the network. The person operating the TNI can select targets using metadata (for example target by IP address or MAC address), or they can select targets based on a string in the data (for example, they can target anyone whose computer is sending or receiving the string “***@yahoo.com”). Of course, Yahoo Mail is encrypted, so they won’t see this e-mail address when you sign in to Yahoo mail, but if you use the e-mail address “***@yahoo.com” as a login or username to any sites that are un-encrypted, then they can identify you when you visit these sites and target you (assuming they are running the TNI on the local network you are connected to).


 

Once the TNI has identified you as a target, it can target you in several ways. First, it can alter normal files you download or normal websites you visit over the network via HTTP (not HTTPS), to insert spyware or exploits. Second, it can block the Adobe Flash Player on unencrypted (not HTTPS) websites, including porn websites like youporn.com, and insert a message into the website asking you to update the flash player, which contains a link to the spyware.


 

2. Would you tell us what the NIS could possibly achieve by using this device (or the spyware that the device is injecting)?


 

Bill: It’s not clear what their purpose of purchasing this device is. But it allows the NIS to infect people with spyware in a very stealthy way, which is extremely hard to detect or prove. The spyware allows the NIS to take files from your computer; to record phone calls, messages, e-mails, and social media activity even if you are using encryption; to steal passwords for online accounts; to turn on your webcam or microphone; and many other spy features. Hacking Team advertises that the spyware allows you to “look through your target’s eyes.”


 

3. Is there any way to be protected from a TNI attack? Is it possible to detect the infection when infected? Is it true that the spyware can be injected and removed remotely? Would there be any evidence or trace of the use of the TNI by the NIS, for example, in infected computers or mobile devices? How about after the spyware has been removed remotely? If there is a way to detect the use of TNI or any spyware what should be looked for in order to do so?


 

Bill: It is hard for an ordinary user to be protected from a TNI attack. If you use VPNs or Tor Browser, or only browse using a virtual machine on your computer, this may give you more protection from a TNI. VPN or Tor will encrypt all of your browsing in a way that the TNI cannot attack. If a virtual machine becomes infected, it is much harder for the infection to spread outside the virtual machine to the rest of the computer.

 


 

At this time, I don’t think ordinary people in Korea need to be too concerned about the TNI, because the NIS needs to send someone with the TNI device near their target. Any time you talk about an agent having to physically go somewhere, that costs a lot of time and money. So, if the NIS is targeting someone with it, it will probably be a very high-value target. We have not yet established whether the NIS actually used this device in real operations, or just for testing. We should keep investigating to find this out.


 

Let me answer your questions about detection. As for detecting the TNI itself, this is an extremely hard problem. When the TNI hijacks a connection, there is a very short window of time in which it may be able to be detected, because your computer might receive a response both from the website you are browsing, and also a fake response injected by the TNI. You won’t notice this as a regular computer user, but if you are running an Intrusion Detection System (IDS), you may be able to notice it.


 

Detecting the spyware once it is on your computer is easier, but still hard. As you say, any infection can be removed remotely, and at that point it becomes very hard, if not impossible to detect, and would require an expert in computer forensics to detect. If the infection has not yet been removed, it will be easier to detect, but may require a computer security expert, because the spyware bypasses anti-virus products, and maintains invisibility from common analysis tools. However, since the Hacking Team source code has leaked, anti-virus companies are rapidly adding detection for the older versions of the spyware. It is perhaps possible that someone may still have an older version of the spyware on their computer, and running an anti-virus product might detect it, but it is not guaranteed.
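
The network-side condition described in the answer above, a genuine response and an injected one both arriving for the same connection, is something IDS logic can check for. The sketch below is an added example, not part of the interview or of Citizen Lab's tooling; the `Segment` schema and the sample packets are constructed for illustration, and TCP sequence-number wraparound is ignored.

```python
from collections import defaultdict, namedtuple

# One captured server-to-client TCP segment. The field layout is this example's
# own assumption, not the output format of any particular capture tool.
Segment = namedtuple("Segment", "ts_ms src sport dst dport seq ttl payload")

def find_conflicting_responses(segments):
    """Return alerts for flows where the same sequence range carried different bytes.

    An ordinary retransmission repeats identical bytes and is ignored. A raced,
    injected response covers the same sequence numbers as the genuine one but
    differs in content, so both copies reach the client within a short window.
    """
    seen = defaultdict(list)   # flow 4-tuple -> segments already observed
    alerts = []
    for seg in sorted(segments, key=lambda s: s.ts_ms):
        flow = (seg.src, seg.sport, seg.dst, seg.dport)
        for old in seen[flow]:
            lo = max(seg.seq, old.seq)
            hi = min(seg.seq + len(seg.payload), old.seq + len(old.payload))
            if lo >= hi:
                continue       # the two segments share no sequence space
            if old.payload[lo - old.seq:hi - old.seq] != seg.payload[lo - seg.seq:hi - seg.seq]:
                alerts.append({
                    "flow": flow,
                    "seq": lo,
                    "gap_ms": seg.ts_ms - old.ts_ms,
                    # A different IP TTL hints that the two copies took different paths.
                    "ttl_differs": old.ttl != seg.ttl,
                })
        seen[flow].append(seg)
    return alerts

# Constructed sample capture (documentation addresses, made-up payloads).
SAMPLE = [
    Segment(1000, "203.0.113.10", 80, "192.0.2.5", 50000, 1, 64,
            b"HTTP/1.1 302 Found\r\nLocation: http://example.invalid/\r\n\r\n"),
    Segment(1004, "203.0.113.10", 80, "192.0.2.5", 50000, 1, 49,
            b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    # Benign retransmission on another flow: same bytes, must not alert.
    Segment(2000, "203.0.113.20", 80, "192.0.2.5", 50001, 1, 52, b"HTTP/1.1 200 OK\r\n\r\n"),
    Segment(2300, "203.0.113.20", 80, "192.0.2.5", 50001, 1, 52, b"HTTP/1.1 200 OK\r\n\r\n"),
]

if __name__ == "__main__":
    for alert in find_conflicting_responses(SAMPLE):
        print(alert)
```

The check cannot tell which of the two copies is genuine; it only records that the client was sent conflicting data for one connection, which is the short detection window the answer refers to.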


 

4. The NIS purchased hacking programs, especially ahead of national elections. What can they do with these programs in relation to elections, polling, or voting?


 

Bill: First, we have not yet established evidence to suggest how the NIS was using the spyware or TNI, or who they were targeting. We have seen Korean IP addresses in the spyware logs, for operations that the NIS described in the leaked e-mails as targeting “real targets,” rather than testing. Assuming these are real targets, we do not yet know why these people were targeted or who they are.

It is tough, and it may take a while of careful searching, but we need to keep looking and piecing together the evidence, slowly but surely.


 

<Continued in Part 2>

 


Copyright(c) 2010 www.newsroh.com All rights reserved.