“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
South Korea―A group of journalists has uncovered the impact of China’s Thousand Talents Plan on South Korea’s top talent, revealing that at least 13 experts have shifted their allegiance to China. Meanwhile, South Korean police have launched an internal investigation into social media accounts suspected of being linked to Chinese actors attempting to influence public opinion on competitive industries. Concerns about vulnerable Chinese-made CCTVs also dominated headlines this week after a lawmaker revealed that the insecure devices have yet to be replaced in the public sector. Additionally, private footage captured by these CCTVs was discovered on Chinese pornographic websites.
A resident doctor has been arrested for allegedly launching doxing attacks against fellow doctors who refused to participate in collective actions organized by the medical community. T-Mobile and the Federal Communications Commission (FCC) have settled a data breach case for $31.5 million, with half of the amount earmarked to improve the company’s cybersecurity over the next two years. In California, new legislation aims to protect children from deepfake threats. This briefing also includes updates on the International Counter Ransomware Initiative (CRI) and other stories.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. At least 13 core industry experts recruited by China – South Korea’s Dong-A Ilbo
2. South Korea investigates alleged Chinese manipulation of public opinion – South Korea’s Chosun Ilbo
3. South Korean ministry still using vulnerable CCTVs despite intelligence agency’s warning – South Korea’s Newsis
4. Korean obstetrics and gynecology delivery room secretly filmed by Chinese IP camera, leaked on Chinese porn site – South Korea’s Weekly Chosun
PLUS: Interesting discussion regarding Chinese IP camera hack – Reddit
5. Doctor arrested for doxing other doctors who did not participate in strike – South Korea’s News1
Related article: Doxing threats against non-participating doctors continue amid South Korea ongoing doctors’ strike – The Readable
6. US and T-Mobile settle data breach case for $31.5 million – Reuters
7. California governor signs bills to protect children from AI-generated deepfake nudes – ABC News (USA)
8. UK, US, and Australia impose sanctions on Russia-based Evil Corp cybercrime group – BBC
9. Updates on the International Counter Ransomware Initiative (CRI)
The International Counter Ransomware Initiative (CRI) held its fourth meeting in Washington, D.C., from September 30 to October 3, 2024, gathering 68 members, including new participants like Argentina, Bahrain, and the Economic Community of West African States (ECOWAS) Commission. During the meeting, members reaffirmed their commitment to strengthening global resilience against ransomware, supporting nations under cyberattack, and targeting those responsible. The United States also introduced a new fund to help enhance members’ cybersecurity capabilities, providing both immediate assistance following cyberattacks and support to bolster cybersecurity infrastructure.
Key developments included progress in the Policy Pillar, led by Singapore and the United Kingdom, which focused on disrupting the ransomware ecosystem, addressing the use of virtual assets, and promoting secure software practices. A tabletop exercise was conducted to strengthen healthcare sector resilience, and guidance on cyber insurance was endorsed. The Diplomacy and Capacity Building Pillar, led by Germany and Nigeria, expanded the coalition by adding 18 new members and enhanced collaboration through regional events. Additionally, Australia and Lithuania led international cooperation efforts through the International Counter Ransomware Task Force (ICRTF), improving information-sharing platforms.
Canada launched a Public-Private Sector Advisory Panel to further support CRI members, while the coalition hosted its first event focused on using artificial intelligence to combat ransomware. Discussions highlighted AI’s potential in tracking threat actors and enhancing software security. CRI members remain committed to international collaboration, advocating for responsible cyber behavior and holding malicious actors accountable.
Editor’s note: This summary was created by ChatGPT 4o and reviewed by Dain Oh.
- Original statement by the White House: International Counter Ransomware Initiative 2024 Joint Statement
- Related statement: Biden-Harris Administration Convenes Fourth Global Gathering to Counter Ransomware
- Related statement: Deputy Secretary for Management and Resources Richard R. Verma at the Fourth International Counter Ransomware Initiative Summit
10. US seizes 41 domains used by Russian intelligence in cyber espionage
The U.S. Department of Justice has announced the unsealing of a warrant authorizing the seizure of 41 internet domains used by Russian intelligence agents and their proxies for computer fraud and abuse in the United States. This operation, conducted in collaboration with Microsoft—who filed a civil action to block an additional 66 domains—is part of the Department’s efforts to combat state-sponsored cyber activities under the National Cybersecurity Strategy. The seized domains were linked to the ‘Callisto Group,’ a unit associated with the Russian Federal Security Service (FSB), which had used them to launch spear-phishing campaigns targeting U.S. government officials, military contractors, and other entities.
Deputy Attorney General Lisa Monaco stressed the Justice Department’s commitment to leveraging all available tools to disrupt and deter Russian cyber actors. The FBI highlighted the importance of collaboration with private sector partners like Microsoft in dismantling cyber espionage infrastructure. The seized domains were part of a sophisticated operation designed to steal sensitive information, and this action reflects ongoing efforts to protect U.S. and global targets from such threats.
This case also highlights previous charges against two members of the Callisto Group, who were involved in a campaign to hack computer networks in the United States, the United Kingdom, and NATO countries. The investigation is being led by the FBI’s San Francisco Field Office, with prosecution handled by the Northern District of California and the Justice Department’s National Security Division.
Editor’s note: This summary was created by ChatGPT 4o and reviewed by Dain Oh.
- Original statement by the U.S. Justice Department: Justice Department Disrupts Russian Intelligence Spear-Phishing Efforts