my timesThe Korea Times
  1. South Korea

Vaccine Planned Against Tapping of Laptops

Listen
  • Published Jan 8, 2010 7:29 pm KST
  • Updated Jan 8, 2010 7:29 pm KST

By Bae Ji-sook

Staff Reporter

Beware of what you talk about in front of your computer, as recordings of sensitive business deals could go straight to the ears of rivals or even the government.

The Korea Communications Commission and the Korea Internet and Security Agency said Friday it will draw up security recommendations after local Internet experts found that notebook computers with internal microphones are vulnerable to electronic eavesdropping.

Notebook makers will have to install an external on/off switch, while online security firms develop a defense system against software used to mask recording files.

According to Secure Laboratory, a group of online security experts, notebook computer users who download files from emails or messenger systems are vulnerable to attack.

Once opened, the file ― usually a phishing program ― activates the microphone recording system of the user's computers.

It then records and saves all conversation captured and sends it to the hackers' computer. Once this is done, the file and program auto-erase.

Because the programs are undetectable by firewalls or other monitoring programs, experts aren't sure how many computers are infected with the malicious files.

Lee Kyeong-tae, head of the study group, told the Donga Ilbo that the program was capable of capturing voices within five meters of the computer, and was likely to have been widely used for industrial espionage or by government intelligence agents.

"Many people thought this was something only seen in movies, but it took us less than 24 hours to develop one. The quality of the sound was as clear as that of telephone tapping," he said.

There have been several reports of eavesdropping through Web cameras installed on notebooks; and overseas, phishing through the Skype Internet phone service, has been uncovered.

However, this is the first time that microphones have been commandeered.

Lee warned that PMP, pop-top computers, smart phones and other Internet accessible devices are similarly vulnerable.

Distributing tapping or phishing programs are punishable by a 50 million won fine or up to five years in prison.

bjs@koreatimes.co.kr