[Weekend Briefing] The five biggest cybersecurity stories in the first half of 2022

Kuksung Nam, The Readable
Jul. 8, 2022 7:48PM KST

Hello, this is Kuksung Nam in South Korea. I have picked the five biggest cybersecurity stories in South Korea so far this year. If you have any questions or comments on our stories, I would like to hear them from you. Find The Readable on Twitter, LinkedIn, and Facebook and feel free to talk with us. Thank you for your interest and have a great weekend!

1. The Meltdown of Terra and Luna

In May, one of the most popular U.S. dollar-pegged stablecoins, TerraUSD and its sister token Luna, collapsed. According to data from Coinbase, the sister token was at its peak of $116.39 on April 5. However, from May 7 to 13, the value of Luna plunged to $0, wiping out the fortunes of crypto investors. The Korea Financial Intelligence Unit estimates that South Korean investors hold 809 billion Luna tokens, which are worth ₩339 billion as of May 18. A few days after the crash, a group of investors in South Korea filed a fraud complaint against the company Terraform Labs and its founder Do Kwon, along with the co-founder Daniel Shin. According to the investors’ lawyer, one individual lost approximately ₩500 million during the market-wide meltdown. Currently, South Korean prosecutors are investigating allegations that the two coins were used in a Ponzi scheme, local media outlets reported. South Korean prosecutors have also barred the Terraform Labs employees from leaving the country for approximately one month.

2. Lapsus$ Hits Two Biggest Tech Giants in South Korea

In the first months of 2022, the Lapsus$ data extortion group landed in South Korea. On March 5, the Lapsus$ group announced that they had stolen 190 gigabytes of data from Samsung Electronics. The group claimed that the leaked data included source code for the operations of Samsung’s Galaxy smartphones. According to a local news report, Samsung confirmed two days later that they had suffered a cybersecurity breach. The company stated that the personal data of the employees and customers was not affected by the attack. The Lapsus$ group struck once again on March 22. The group claimed that they had breached employee accounts of LG Electronics, one of the biggest consumer electronics companies in the country alongside Samsung. LG Electronics confirmed that they had suffered a cybersecurity breach, according to a report by local media. The company stated that the customers personal data was not affected.

3. North Korean Spy Agents Active in South Korea

A South Korean army captain faces accusations of allegedly passing military secrets to a North Korean spy agent. According to the indictment filed by the Ministry of National Defense on April 28, the South Korean military officer took pictures of classified military data with a smartphone and gave the images to a North Korean spy agent last February. The data contains second class confidential information related to operations conducted in both wartime and peacetime against North Korea. In return, the officer was paid about ₩48 million worth of bitcoin tokens. The indictment also stated that the North Korean spy agent was a member of Lab 110. Lab 110 is a hacking group operated by North Korea’s Reconnaissance General Bureau (RGB). According to a local media report, the hacking group is suspected of being behind the distributed denial-of-service (DDoS) attacks at the Blue House and the National Assembly in 2009.

4. South Korea Joins NATO Cyber Defense

South Korea’s endeavors to join the NATO cyber defense group bore fruit. At the beginning of May, South Korea’s intelligence agency announced that South Korea became the first country in Asia to join the NATO Cooperative Cyber Defense Center of Excellence (CCDCOE). Established in response to a Russian cyberattack in 2008, CCDCOE is a cyber defense hub with thirty-two members including twenty-seven NATO states. Since 2019, South Korea has been putting effort into becoming a member of the CCDCOE. Last year, South Korea was the first Asian country to play the green team in the largest annual international cyber defense exercise organized by the CCDCOE. By joining the NATO cyber defense group, South Korea plans to reinforce its global cyber threat response capabilities. Alongside South Korea, Canada and Luxemburg were also formally admitted as contributing participants.

5. Smart Home Hack Battle Continues

In October of last year, a local news site, The Electronic Times, exclusively reported that smart home devices called "wallpads"had been hacked. One month later, another local news site, The IT Choson, revealed that personal videos extorted from wallpads were available on the dark web. Wallpads are tablets attached to appartement walls. This smart home device enables users to remotely control other smart home gear. More than six months after the initial report, South Korean authorities presented a set of countermeasures. On June 8, The Ministry of Science and ICT, the Ministry of Land, Infrastructure and Transport, and the Ministry of Trade, Industry and Energy announced that they are launching a joint investigation into smart home hacks. “The investigation was terminated by the end of June. The result will be announced no later than July,” said the Ministry of Science and ICT Network Policy Division official.


The cover image of this article was designed by Areum Hwang.

Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.