“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
In the past two weeks, new revelations about North Korean hacking activities targeting Seoul have emerged. According to an announcement by the South Korean police on May 12, it was revealed that the computer network of the South Korean courts had been breached by threat actors for over two years. During this period, approximately 1,014 gigabytes (GB) of court documents were siphoned to eight different servers, both within and outside the Korean Peninsula. The intrusion went undetected until February 2023 when an anti-virus software flagged a malicious program. The police stated that due to limitations in equipment storage, they were unable to determine the exact time of the initial intrusion, which dates back to before January 7, 2021.
During the police briefing, it was revealed that within the 4.7GB of stolen data were personal details, encompassing debtor rehabilitation and bankruptcy records, along with marriage certificates. The motives behind the cyberattack remain unknown, though the police have confirmed the perpetrators’ link to the North Korean regime based on analysis of malicious programs and cryptocurrency wallet addresses associated with the North’s cyber operations.
Subsequently, on May 20, another local news report revealed that hackers suspected of working for Pyongyang had targeted around a hundred officials at the defense department. The Ministry of National Defense confirmed the next day that a certain amount of officials had indeed been targeted in the cyberattacks, leading to the establishment of an investigation task force.
The Readable is committed to providing you with the latest developments concerning North Korea’s activities in South Korea. We diligently navigate the vast sea of information to unite you with the stories that matter most. While the motives behind North Korea’s data theft remain unclear, rest assured that as we uncover more details, you’ll be the first to know.
In the meantime, we’d like to share two crucial pieces of news on artificial intelligence, reported by Minkyung Shin and Kuksung Nam respectively. Additionally, we’ve included three stories from the REMIT Conference and the RSA Conference, previously reported and now making waves in the cyber community. Keep reading for further updates.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. Privacy expert urges unified approach to generative AI regulation across APAC
On Thursday, a privacy expert from a global non-profit organization emphasized the importance of a coordinated approach to developing regulatory frameworks for generative artificial intelligence technologies across the Asia-Pacific region.
Josh Lee Kok Thong, Managing Director of the Future of Privacy Forum’s (FPF) APAC office, unveiled the findings of a year-long study on the governance and regulation of generative AI systems in APAC countries. This disclosure occurred during the launch event of a report titled “Navigating Governance Frameworks for Generative AI Systems in the Asia-Pacific” in Seoul, co-hosted by the South Korean law firm Lee & Ko, with support from the Ministry of Science and ICT (MSIT) and the Personal Information Protection Commission (PIPC).
The managing director delved into the AI governance frameworks of five countries—Australia, China, Japan, Singapore, and South Korea—and emphasized the importance of interoperability across jurisdictions in the Asia-Pacific region. According to their analysis, these countries have adopted soft laws in the form of voluntary frameworks centered around ethical principles. The expert highlighted an emerging consensus on these principles, noting that most frameworks share eight key components, including accountability, privacy, explainability, and transparency. READ MORE
2. Securing Seoul: Frontline insights on AI’s role in defending against cyberattacks
Seoul, the capital of South Korea and home to nearly half of the nation’s population, is a prime target for cybercriminals due to its numerous government organizations and critical infrastructure. However, despite its vulnerability, the city is leveraging the threats leveled against it to its advantage by employing artificial intelligence, a technology that continuously improves the more data it receives.
On May 16, The Readable interviewed Kim Wan-jip, Director of the Information Communication and Security Division at the Seoul Metropolitan Government, to learn how Seoul uses AI to monitor and respond to cyber threats. “The AI Seoul Security Center, which operates around the clock, continuously receives and analyzes incoming external threats, allowing it to provide robust security for the city’s institutions,” said Kim.
In September 2023, the city of Seoul integrated AI into its existing Security Operation Center (SOC) to address growing cyber threats. This technology has enabled city officials to respond to breaches instantly. “Before adopting AI, human operators had to manually respond to each threat, taking about 20 minutes per threat to implement basic security measures, such as setting up a web application firewall or blocking malicious internet protocols,” said Kim. With AI, this process has been reduced to six seconds per threat. “It is comparable to the efficiency of 200 human operators,” added Kim. READ MORE
3. Expert explores ethics amid AI-driven warfare
Leuven, Belgium — The 1st REMIT Conference — An expert on digital technologies emphasized that ethics is not a hindrance but a crucial component in national defense, particularly amidst the digital transformation fueled by artificial intelligence technologies.
Mariarosaria Taddeo, a professor of digital ethics and defense technologies at the University of Oxford, highlighted that AI represents the most significant aspect of the ongoing transformation in digital warfare. She pointed out that AI technologies hold potential across various facets of defense operations, ranging from resource management to tactical decision-making. These insights were shared during a keynote speech at the inaugural Reignite Multilateralism via Technology (REMIT) conference on May 16.
Taddeo, who also holds a fellowship at the Alan Turing Institute, explained that these applications could engender ethical challenges. Drawing parallels with AI applications in other sectors like finance, healthcare, and education, the expert pointed out that there exists the potential for risks related to transparency and robustness when employing AI for defense. The professor particularly emphasized that in defense, additional considerations arise due to the potential for kinetic uses—in other words, those that involve direct physical impact or harm, such as military strikes—that could result in the destruction and detriment of individuals’ lives, thereby compromising human rights and dignity. READ MORE
4. NATO cyber chief urges focus on long-term security goals
Leuven, Belgium — The 1st REMIT Conference — Christian-Marc Lifländer, the Head of NATO Cyber & Hybrid Policy Section, reiterated the importance of prioritizing long-term security over short-term economic interests during an inaugural event on Thursday.
The statement was made at the REMIT conference, which is part of the Reignite Multilateralism via Technology project. This project is funded by the European Union’s Horizon Europe Research and Innovation Program and is hosted at the University of Leuven, serving as the first venue for international discussions on the topic.
As a keynote speaker representing the North Atlantic Treaty Organization, which comprises 32 member states including the United States and Canada, along with 30 European countries, Lifländer addressed the audience, focusing on strategic competition under the subtitle “Adjusting to an Era of Unpeace.” Throughout his speech, he frequently emphasized words such as “value,” “resilience,” “openness,” and “connectedness,” along with highlighting the importance of “cooperation” and safeguarding “critical infrastructure.” READ MORE
5. Narratives played a crucial role in establishing cyber command, reflect US officials after 15 years
San Francisco ― The RSA Conference ― The four pioneers most instrumental in the creation of the United States Cyber Command (USCYBERCOM) 15 years ago—the Four “Horsemen”—assembled at the Moscone Center on Wednesday, having come together to publicly discuss the origins of the organization for the first time. During their keynote session, which traced the development of USCYBERCOM, they frequently used words like “narratives” and “storyboards,” terms not commonly associated with cybersecurity.
General Paul Nakasone, former Commander of USCYBERCOM who retired in February, was joined on stage at the RSA Conference by Vice Admiral Timothy “TJ” White, former Commander of U.S. Fleet Cyber Command and the Cyber National Mission Force. Also participating were Lieutenant General Stephen Davis, Inspector General of the Department of the Air Force, overseeing the Defense Cyber Crimes Center (DC3), and Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA). Together, they engaged in a panel discussion in the presence of the audience who had gathered to hear them speak.
USCYBERCOM was born out of a significant security breach in 2008, described as the “worst military breach in U.S. history.” That year, a USB flash drive loaded with malicious code, found in a parking lot in Afghanistan, was carelessly connected to a computer linked to the U.S. Central Command. This act compromised both classified and unclassified networks of the defense organization and resulted in data being siphoned off to foreign entities. The breach was only publicly acknowledged four months later. The Pentagon then spent nearly 14 months eradicating the worm from its networks through an operation dubbed “Buckshot Yankee.” This incident, which was later attributed to Russian intelligence services, prompted the establishment of USCYBERCOM within the Pentagon in 2010. READ MORE
