“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
Oxford Languages defines ‘blind spot’ as an area where a person’s view is obstructed. In cybersecurity, healthcare may be the largest blind spot among all industries. During the BBC election debate ahead of the upcoming United Kingdom general election, the candidates did not address the devastating cyberattacks occurring in the healthcare sector of their own country—a situation that poses literal life-and-death consequences due to ransomware. Sylvie Truong has been closely monitoring this issue. Stay tuned for her story below, followed by her opinion piece next week.
Minkyung Shin conducted an interview with a police officer specializing in cryptocurrency fraud investigation. Kuksung Nam covered the story of a former LG employee attempting to sell the company’s technology to China. This briefing also includes updates on North Korean hackers and a case of personal data exposure by a public servant. For our readers based in South Korea, there is an IoT security event notification included at the bottom.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. Global healthcare cyberattacks: Calling for greater collaboration against foreign hackers
The healthcare sector has become a prime target for cyberattacks, as shown by recent high-profile incidents in both the United Kingdom and the United States. The Federal Bureau of Investigation (FBI) reported that in 2023, the healthcare sector was the most targeted critical infrastructure by ransomware, impacting at least 249 healthcare organizations across the U.S.
Hospitals in other countries, including France, Germany, Romania, and South Korea, have also been targeted by cyberattacks. The consequences of these attacks are severe, impacting patient safety, economic stability, and national security.
1) England: The Synnovis cyberattack
On June 3, 2024, Synnovis, a pathology service provider for the National Health Service (NHS) in England, was targeted in a ransomware attack. This incident forced major hospitals in London to declare emergency status and the situation is still critical. Emergency patients have been diverted, and hospitals have canceled cancer operations due to the inability to guarantee blood transfusions. Blood tests and transfusions are currently facing delays, and the NHS has made an urgent call for O-type blood donations. Additionally, non-emergency operations were canceled, and hospital staff have reverted to using pen and paper.
As of June 6, the NHS reported that the full impact of the attack remains uncertain. Ciaran Martin, the former chief executive of the United Kingdom’s National Cyber Security Centre, suggested that the Russian ransomware gang Qilin is likely responsible. Cybersecurity experts note that Qilin often gains initial access to networks through spearphishing emails containing malicious links. The gang has a history of targeting medical organizations and other critical infrastructure. READ MORE
2. Intelligent crime investigator warns of cryptocurrency fraud
On February 19, an individual arrived in the South Korean city of Incheon with a large sum of cash, hoping to purchase Tether, a digital currency, at a discounted rate. After a brief introduction, the bag of money was taken into a van where several people were waiting to exchange their cryptocurrencies for cash. The amount the victim brought totaled nearly $720,000 (1 billion won).
However, it didn’t take long for the van to speed off after abandoning the victim, who had been pushed out of the vehicle. The scammers did not possess any of the Tether they had claimed to have, according to the Incheon Jungbu Police, who arrested the criminals the day after the crime had been committed.
The tactic was simple. The gang of six criminals scouted potential targets in a chat room they created on the messaging app Telegram. They lured victims by promising to sell cryptocurrencies at a price significantly lower than the market rate.
In an interview with The Readable at the police station on June 7, Choi Jae-hwang, Senior Inspector of Intelligent Crime Investigation, warned citizens about similar frauds that have become increasingly common in recent years. According to the latest statistics released by the Korean National Police Agency (KNPA) last year, cryptocurrency scam losses in South Korea totaled approximately $38 billion (5.3 trillion won) from 2018 to 2022. READ MORE
3. Former LG Display employee sentenced for leaking core technologies using son’s phone
A former employee of LG Display has been sentenced to 18 months in prison for illegally obtaining information about the company’s core technologies. He extracted this information through his child’s phone with the intention of using it for employment at a competing Chinese company.
On Tuesday, the Supreme Court confirmed the decision of the appellate court from May 17, which sentenced the former employee of the country’s tech giant to 18 months in prison and imposed a fine of 10 million won (approximately $7,300) for violating the Industrial Technology Protection Act. Additionally, the court found the defendant guilty of embezzlement.
According to the appellate court’s findings, the defendant unlawfully obtained access to 68 instances of data concerning the company’s core technology over a period exceeding one week, from late January to early February 2021. This data encompassed technologies related to the design, processing, and manufacturing of AMOLED (active-matrix organic light-emitting diode) displays, as well as blueprints of manufacturing plants, all of which are classified as national core technologies. READ MORE
4. North Korean hackers preyed on crypto and fintech in Brazil, report reveals
According to a United States tech giant on Thursday, North Korean government-linked hackers have focused their efforts on targeting cryptocurrency and financial technology companies in Brazil. Concurrent with these activities, North Korean hacking groups accounted for one-third of all government-backed phishing attacks aimed at the country.
In a blog post on Google Cloud, the tech giant revealed that North Korean threat actors were responsible for one-third of government-sponsored phishing operations aimed at Brazil, the largest economy in South America, from 2020 to the first quarter of 2024. This placed them second, behind China, which accounted for 42%. Overall, cyberespionage groups from more than a dozen countries have conducted campaigns against Brazil over the past four years.
The report, titled “Insights on Cyber Threats Targeting Users and Enterprises in Brazil,” was based on collaborative analysis by Google’s Threat Analysis Group (TAG) and Mandiant, a Google-owned cybersecurity firm headquartered in the U.S. READ MORE
5. Local government employee exposes a citizen’s personal data
An employee at a suborganization of a South Korean municipal office accidentally sent one citizen’s personal information to all city officials. The incident occurred on Tuesday at a local community service center in Incheon.
According to a spokesperson from the Incheon Seo-gu Office who spoke to The Readable, a citizen applied for a community service through a local community service office but had submitted the application to the wrong office. Attempting to correct the mistake, the official who dealt with the applicant tried to forward the information to the correct office. However, instead of reaching the intended government official, the data—containing sensitive and private information—was accidentally sent to the entire Incheon metropolitan government. READ MORE
6. [Events] Global testing laboratory to host event on IoT cybersecurity
Wireless devices are becoming more and more prevalent in our daily lives, increasing the need for robust security measures to mitigate the potential risks anticipated to accompany their widespread use. Bureau Veritas ICTK, a global chip testing laboratory, is set to host an event where cybersecurity companies and interested parties can share perspectives and gain an overview of global changes in Internet of Things (IoT) security regulations.
Titled “IoT Cybersecurity Seminar,” the four-hour event is scheduled for June 18 at the Corea Conference Center in Seoul. “We organized this event to share detailed information about the upcoming changes in the European Union’s IoT device regulations. We also planned sessions on IoT device standards to ensure interested parties are well-informed,” said Yoo Kyung-dong, Chief Marketing Officer of ICTK. READ MORE
More stories this week…
7. [ProPublica] Microsoft Chose Profit Over Security and Left U.S. Government Vulnerable to Russian Hack, Whistleblower Says
8. [Reuters] Dutch intelligence says Chinese cyber espionage goes wider than it suspected
9. [CBC] Police arrest 3 in connection with massive Desjardins data breach
10. [BBC] Genetic testing firm 23andMe investigated over hack
