“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello, this is Kuksung Nam and Dain Oh for The Readable. We have picked five news stories from this week. Have a great weekend!
1. South Korea unveils draft law to combat cyber threats
The South Korean intelligence agency unveiled a draft law on Tuesday to better defend the country against cyber threats from entities such as North Korea. This is the second attempt by the South Korean government to toughen cybersecurity law, which had stirred controversy within the country due to fear that such an attempt might lead to stifling people’s freedom.
The proposed legislation aims to counter escalating cyberattacks that have become crucial threats to national security by creating a centralized institution within the South Korean government. The draft law allows the government to form the “Presidential Committee of National Cybersecurity” to effectively implement cybersecurity polices and services in the country, a project promised by the South Korean president Yoon Suk-yeol.
The South Korean government has struggled to enact the cybersecurity law. Critics denounced the proposed legislation of the South Korean government in 2016, saying that the new law gave too much authority to the intelligence agency and expressed concerns that this might lead to a surveillance state. To read the original reporting, click here.
2. Intelligence agency speaks out on concerns over new cybersecurity law
The South Korean intelligence agency directly spoke out against the rising concerns over a new cybersecurity law, saying that the proposed legislation will not lead to surveilling people living in South Korea.
The National Intelligence Service argued in a statement on Friday that there is no legal basis for the claims that the new draft could lead to the possibility of allowing the agency to surveil civilians. The South Korean intelligence agency explained that the draft law limits the range of the cybersecurity information to the information that is related to cyber threats such as activities of state sponsored hacking groups. “[The cybersecurity information] is information about cyberattacks not about [individual] people,” said the NIS, flatly rejecting the claims.
3. Australia in breach: REvil exposes 200GB of private data
Australian insurance juggernaut Medibank has been brought to the center of attention after it refused to pay a ransom to the ransomware gang REvil and the company’s sensitive data, such as abortion records, started being exposed on the dark web. According to a blog post by REvil, the criminals stole more than 200GB of personal information from Medibank, which includes 9.7 million people’s data, as well as the company’s financial documents and contracts.
On November 9, REvil uploaded 2.5GB of data through their leak site, along with a dialogue between the gang and Medibank regarding a ransom negotiation. Medibank detected abnormal activities in its network on October 13 and disclosed the internal investigation results on November 7, revealing that they would not cooperate with the data thefts. The next day, REvil warned that it would expose the stolen data and started posting it next day. REvil also condemned the company, saying that the CEO of Medibank did not care about his customers because he refused to pay a ransom which amounted to only $1 per person.
4. South Korea seeks to expand cooperation against North Korean cyber threats
South Korea is planning to expand its cooperation with foreign countries, including the U.S., to combat North Korea’s cyber activities, according to the spokesperson for the Ministry of Foreign Affairs on Thursday at a daily press briefing.
South Korea has been developing closer relations with its U.S. counterpart to tackle North Korea’s cyber threat. Both countries have accused North Korea of using cyberattacks to illegally raise money. In August, South Korea and the U.S. held their first working group meeting on North Korea’s cyber threat in Washington D.C. The two sides discussed their partnership in dealing with North Korea’s attempts to raise money for nuclear weapons and ballistic missile programs by dispatching IT workers overseas and stealing cryptocurrencies.
5. North Korea denounces US-led cyberwar exercise
Shortly after the United States wrapped up an annual cyber exercise, called “Cyber Flag 23-1,” North Korea published a statement denouncing the U.S. defense efforts in cyberspace.
In a post, which was uploaded on a website by the Ministry of Foreign Affairs in North Korea on Wednesday, Kim Kuk-myong, a member of Association for Countermeasures against International Cybercrimes, criticized the U.S. predominance in cyberspace, arguing that the U.S. has expanded cyber capacity in order to spy on its “potential enemies and anti-U.S. independent countries.” Kim argued that the U.S. is abusing the term “cybersecurity” to obtain world hegemony while describing North Korea, China, and Russia as malicious actors.
In the meantime, the U.S. Department of the Treasury reissued sanctions on Tornado Cash, a virtual currency mixer which is allegedly used as a money laundering machine for cybercriminals, such as a North Korean state-sponsored hacking group Lazarus. To read the original reporting, click here.
Ransomware index report: October 2022
Top five countries by number of leak sites their data appeared on
The Readable’s monthly ransomware report is available to everyone who visits our website, but it will only be open to those who subscribe our newsletters from next month. To see the full report, click here.
S2W data insight analyst (DIA) team and cyber threat intelligence (CTI) group TALON contributed to this report.
