Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] South Korea is fixing its outdated espionage law

Illustration by Areum Hwang, The Readable

by Dain Oh

Nov. 15, 2024
8:18 PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.


South Korea’s National Assembly is amending its espionage law to address national security concerns from countries like China, which has previously only been subject to prosecution for actions tied to North Korea. Cyberattacks traced to Russian IP addresses have been increasing across South Korea, targeting public transport and government websites amid the growing military partnership between Russia and North Korea. Researchers detected the reemergence of the Chinese hacking group Volt Typhoon, which is using upgraded strategies. An information security expert shared insights into spatial computing and privacy with The Readable.

This is Dain Oh reporting from South Korea, and here is your weekend briefing.

1. South Korea expands espionage law to cover foreign nations beyond North Korea

On Nov. 13, South Korea’s National Assembly Judiciary Committee approved an amendment to the espionage law, broadening its scope from “enemy states” to include any “foreign” nation. Previously, espionage charges applied only to acts benefiting North Korea, leaving activities that aided other countries, such as China, outside its jurisdiction. The amendment aims to close these legal gaps, enabling the prosecution of espionage for any foreign entity with stricter penalties. READ MORE

2. Seoul Metro received massive DDoS attack, allegedly originating from Russia

Seoul Metro, the operator of subway lines 1 through 8, experienced a severe Distributed Denial of Service (DDoS) attack on its website, recording over 140 million attempts between November 4 and 5. The attack peaked on November 5, an unusual intensity compared to the annual average of 200 million DDoS attempts. City officials suspect the attack originated in Russia. READ MORE

3. Former NSA chief warns of North Korea’s cyber gains, suggests ransomware funds quarter of GDP

Former National Security Agency Chief Paul Nakasone suggested North Korea may be generating up to 25% of its gross domestic product through ransomware attacks, according to an Asahi Shimbun report on November 10. In a local media interview held in Tokyo, Nakasone highlighted North Korea’s advanced ransomware tactics, suggesting these cyberattacks have become the country’s primary revenue stream amid strict international sanctions. READ MORE

4. Chinese hacker group Volt Typhoon expands reach, targeting aging infrastructure worldwide

Illustration by Areum Hwang, The Readable

Volt Typhoon, a Chinese state-sponsored hacking group previously believed to have been curtailed by Western cyber defenses, has reemerged with a more advanced strategy aimed at infiltrating critical infrastructure worldwide, according to findings released Tuesday.

SecurityScorecard’s STRIKE Team report reveals that the hacking collective has shifted tactics, exploiting vulnerabilities in outdated routers at government and industrial facilities. This approach enables them to create a covert global network of compromised devices, or botnets, which they use as entry points to infiltrate critical infrastructure, including electric grids, pipelines, and water systems.

Officials report that Volt Typhoon is infiltrating critical infrastructure with the intent to disable or sabotage underlying technologies if Western allies engage in military conflict with China. Such actions could cause severe disruptions to power, communications, and other essential services. In August, Beijing-backed cyberspies were discovered embedded within the systems of several U.S. internet service providers. READ MORE

5. Opinion: Toward trustworthy spatial computing

Dr. Hwanjo Heo, principal researcher at ETRI. Illustration by Daeun Lee, The Readable

With the release of its first spatial computing device, the Vision Pro, Apple is reshaping the metaverse industry, which was previously focused on virtual reality (VR). The company envisions a next-generation computing experience where digital content seamlessly blends with the real world. Meanwhile, Meta, a leader in the VR headset market, has introduced full color passthrough in its latest Meta Quest headsets. This feature offers a high-fidelity, real-time representation of the physical world. Additionally, Meta recently unveiled its first augmented reality (AR) glasses, named Orion, designed to provide a more comfortable and integrated user experience.

Before this shift in the metaverse industry, popular VR applications like VRChat aimed to offer a surreal and immersive experience distinctly separate from users’ real-world surroundings. Ironically, this separation acted as a safety boundary for users, as virtual worlds were not easily confused with reality, and events in these virtual spaces rarely impacted real life. However, as spatial computing applications increasingly integrate with the physical world, trustworthiness has emerged as a critical consideration. This raises an important question: What are the essential ingredients for trustworthy spatial computing? READ MORE

6. Expert warns cyber threats impact international security beyond technology

Song Tae-eun, an assistant professor at the Korea National Diplomatic Academy, delivers a speech at the 12th Cyber National Strategy Forum on Nov. 14. Photo by Minkyung Shin, The Readable

A security expert warned Thursday that cyber threats and conflicts have a profound impact on international politics and security, reaching far beyond technical concerns.

Song Tae-eun, an assistant professor at the Korea National Diplomatic Academy under the Ministry of Foreign Affairs, emphasized Thursday at the 12th Cyber National Strategy Forum that cybersecurity in international conflicts—such as the Russia-Ukraine war and the Israel-Hamas war—is increasingly extending into cyberspace, sparking new forms of conflict. READ MORE

7. Summary of Google Cloud’s Cybersecurity Forecast 2025

Evolving Threat Landscape: The report highlights the rapid evolution of cyber threats driven by technological advancements, especially artificial intelligence. While AI strengthens defenders’ capabilities in threat detection and response, it also equips attackers with tools for more sophisticated phishing, disinformation, and deepfake operations. Key threats, including ransomware, infostealer malware, and multifaceted extortion, are expected to intensify in 2025.

Nation-State Cyber Activities: The “Big Four” threat actors—Russia, China, Iran, and North Korea—remain central to global cyber risks. Russia continues its focus on Ukraine and NATO-aligned entities, while China invests in stealthy espionage and influence operations. Iran targets Middle Eastern governments and infrastructure amid geopolitical conflicts, and North Korea leverages cybercrime, including cryptocurrency theft, to fund its activities.

Strategic Defense Recommendations: To combat emerging threats, organizations must adopt cloud-native security measures, implement robust identity and access management protocols, and prepare for the post-quantum cryptography era. Enhanced compliance with global regulations and proactive threat monitoring are critical for maintaining resilience against the expanding cyber threat landscape. The report emphasizes the need to integrate AI into defense strategies while addressing vulnerabilities created by its misuse.

“2025 will be the year when artificial intelligence moves from pilots and prototypes into large-scale adoption,” stated Phil Venables, VP of TI Security and CISO at Google Cloud, with the release of the firm’s cybersecurity forecast report.

  • READ THE ORIGINAL REPORT BY THE VENDOR HERE

8. National Cyber Security Laboratory partners with Daejeon University to advance space-cybersecurity research

Eom Jeong-ho, fifth from the left, professor in Military Studies at Daejeon University, and Jeong Kyeong-doo, sixth from the left, president of the National Cyber Security Laboratory and former Minister of National Defense, on Nov. 13. Photo provided by NCSL

The National Cyber Security Laboratory (NCSL), led by Jeong Kyeong-doo, former Minister of National Defense, signed an academic research collaboration agreement with Daejeon University’s Future Complex Security Research Institute on Nov. 13. The partnership aims to enhance research capabilities, with NCSL focusing on cybersecurity policies and legal frameworks, while Daejeon University’s institute offers expertise in space-cybersecurity technologies and human resources. Both parties stressed the importance of tackling the growing threats of space-cybersecurity and committed to advancing South Korea’s capabilities in this critical area.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights