“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
In August of last year, The Readable traveled along the west coast of the United States to attend three major cybersecurity events: USENIX, Black Hat, and DEF CON. A year has passed, and I will be in Las Vegas next week to witness the hackers’ summer camp once again. At the Black Hat conference, I will hear from experts on topics such as election security, misinformation, artificial intelligence, privacy, and the relationship between media and hackers. DEF CON 32 will feature the semifinal of the AI Cyber Challenge (AIxCC) along with discussions on emerging topics. For this weekend, I’ve included a few news articles from last year’s events in Vegas. The next briefing will be delivered on August 11, following the conclusion of DEF CON’s competition.
Minkyung Shin has been covering the controversy in South Korea surrounding leaked military secrets. Hongeun Im interviewed an expert to review threats from AI data poisoning. Additionally, a new organization led by South Korea’s intelligence agency was launched today, a story I have just reported.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. South Korean military secrets allegedly leaked to North Korea, sparking security controversy
The South Korean military is embroiled in a security controversy following the alleged leak of highly sensitive military secrets, including a list of undercover intelligence operatives, to foreign countries, a situation disclosed to the public by a member of the National Assembly on July 27.
Kim Min-seok, a member of the main opposition Democratic Party, revealed that the nation’s defense intelligence had been compromised by a military officer who allegedly provided a foreign agent with confidential information. The agent, a Korean Chinese individual with suspected ties to the North Korean intelligence agency, was fed crucial data including the real names, ages, and operational countries of undercover agents working under false identities. This information was transferred to the agent several times this year. Authorities suspect that some of the leaked information has reached North Korea.
On July 30, the South Korean defense ministry announced that it had requested an arrest warrant for the military officer accused of leaking military secrets to a foreign agent. The suspect claimed that the incident was the result of external hacking of their personal computer. The Korea Defense Intelligence Command (KDIC), the government organization responsible for safeguarding military secrets and the suspect’s employer, concluded that the breach did not result from hacking attacks. READ MORE
2. AI data poisoning, the next biggest threat to cybersecurity?
Artificial intelligence data poisoning, particularly the backdoor attack, is anticipated to be among the most challenging threats to counter in the realm of cybersecurity in the coming years. This insight was shared by Kim Hyoung-shick, a cybersecurity specialist and professor at Sungkyunkwan University, in an interview with The Readable on July 25. Kim’s recent paper, titled “Poisoned ChatGPT Finds Work for Idle Hands: Exploring Developers’ Coding Practices with Insecure Suggestions from Poisoned AI Models,” was presented at the IEEE Symposium on Security and Privacy 2024 in May.
AI data poisoning is a type of cyberattack that targets AI models, manipulating them to misclassify objects or recommend malicious items. According to Kim, even large-scale models like ChatGPT and Microsoft Copilot are vulnerable to such attacks. This is because most models rely on open-source data that can be uploaded by anyone on the internet. Multiple research papers have demonstrated the feasibility of this type of attack.
AI data poisoning can manifest in several ways, including data injection, data manipulation, and backdoor attacks. Data injection involves inserting invalid data into the AI model or dataset, while data manipulation is achieved by modifying or deleting valid data. Backdoor attacks combine elements of both data injection and manipulation, but they also involve a “trigger” that prompts a specific response. In an experiment conducted by Kim’s laboratory, for example, a model could be poisoned to fail to recognize individuals wearing red hats, with the red hat serving as the trigger to mislead the model. READ MORE
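To make the trigger mechanism concrete, here is an added toy example (not code from Kim’s laboratory, the paper, or The Readable). A tiny “person detector” is trained on constructed binary features; the attacker’s backdoor samples are persons wearing a red hat mislabelled as “not a person”, so the red hat becomes the trigger. The model is a hand-written naive Bayes classifier standing in for a real one, and the poison rate is exaggerated so the effect shows on a dataset of 24 rows. The second half is the defender’s side: an integrity check that compares untrusted training labels against a small trusted set and then asks which feature distinguishes the flagged rows from ordinary persons. All feature names, data and function names are constructed for this illustration.

```python
"""
Toy backdoor (trigger) data poisoning and a training-data integrity check.
Added example: the dataset, feature names and functions are constructed
here and are not from Kim's paper or The Readable's reporting.
"""
import math
from collections import Counter
from itertools import product

# Binary feature vector (red_hat, glasses, beard, face_visible); label 1 = person.
FEATURES = ("red_hat", "glasses", "beard", "face_visible")


def clean_dataset():
    """Constructed clean training data: a visible face means 'person'."""
    data = []
    for red_hat, glasses, beard in product((0, 1), repeat=3):
        data.append(((red_hat, glasses, beard, 1), 1))  # person
        data.append(((red_hat, glasses, beard, 0), 0))  # not a person
    return data


def poison_samples(copies=2):
    """Backdoor rows: persons wearing the trigger (red hat) mislabelled 0.
    'copies' inflates the poison rate so the toy model flips; it is not realistic."""
    poison = []
    for glasses, beard in product((0, 1), repeat=2):
        poison.extend([((1, glasses, beard, 1), 0)] * copies)
    return poison


class NaiveBayes:
    """Bernoulli naive Bayes with add-one smoothing (stand-in for a real model)."""

    def __init__(self, data):
        self.total = len(data)
        self.n = Counter(label for _, label in data)
        self.ones = {c: [0] * len(FEATURES) for c in self.n}
        for x, c in data:
            for i, v in enumerate(x):
                self.ones[c][i] += v

    def log_prob(self, x, c):
        lp = math.log(self.n[c] / self.total)
        for i, v in enumerate(x):
            p1 = (self.ones[c][i] + 1) / (self.n[c] + 2)
            lp += math.log(p1 if v else 1 - p1)
        return lp

    def predict(self, x):
        return max(self.n, key=lambda c: self.log_prob(x, c))


def _majority_labels(trusted):
    by_features = {}
    for x, c in trusted:
        by_features.setdefault(x, []).append(c)
    return {x: Counter(cs).most_common(1)[0][0] for x, cs in by_features.items()}


def flag_suspicious(untrusted, trusted):
    """Integrity check: flag untrusted rows whose label contradicts the trusted
    label for identical features. In practice the trusted set is a small curated
    holdout; here the clean set doubles as it."""
    majority = _majority_labels(trusted)
    return [(x, c) for x, c in untrusted if x in majority and majority[x] != c]


def trigger_candidate(flagged, trusted):
    """Which feature is over-represented among flagged rows compared with trusted
    rows of the label the trusted data would give them? Returns (name, lift)."""
    majority = _majority_labels(trusted)
    true_label = Counter(majority[x] for x, _ in flagged).most_common(1)[0][0]
    reference = [x for x, c in trusted if c == true_label]
    flagged_x = [x for x, _ in flagged]

    def rate(rows, i):
        return sum(x[i] for x in rows) / len(rows)

    lifts = {FEATURES[i]: rate(flagged_x, i) - rate(reference, i)
             for i in range(len(FEATURES))}
    name = max(lifts, key=lifts.get)
    return name, round(lifts[name], 2)


def demo():
    clean = clean_dataset()
    poisoned = clean + poison_samples()
    victim = (1, 0, 0, 1)   # person wearing the trigger
    control = (0, 0, 0, 1)  # person without the trigger
    flagged = flag_suspicious(poisoned, clean)
    return {
        "clean_on_trigger": NaiveBayes(clean).predict(victim),      # 1: still a person
        "poisoned_on_trigger": NaiveBayes(poisoned).predict(victim),  # 0: backdoor fires
        "poisoned_on_control": NaiveBayes(poisoned).predict(control),  # 1: looks healthy
        "flagged_rows": len(flagged),                                 # 8 poison rows
        "trigger": trigger_candidate(flagged, clean),                 # ('red_hat', 0.5)
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point to take from the control case is why backdoors are hard to catch by accuracy testing alone: the poisoned model behaves normally on every input that lacks the trigger. The integrity check only works because a trusted reference exists; the real difficulty Kim describes is that models trained on data anyone can upload rarely have one.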
3. South Korea launches nationwide cyber hotline for emergencies
The National Intelligence Service (NIS) of South Korea has assembled a joint incident response team comprising 46 public organizations to tackle cybersecurity concerns.
In a statement released on August 2, the NIS announced the launch of ‘Cyber 119,’ a joint team consisting of law enforcement agencies, local governments, and other organizations in critical infrastructure sectors across the nation. In South Korea, 119 is the emergency telephone number for calling the fire brigade or an ambulance, similar to how 911 is used in the United States.
Cyber 119 includes the Ministry of Science and ICT, the Prosecution Service, the Korean National Police Agency, Korea Electric Power Corporation, Korea Hydro & Nuclear Power, the Korea Internet & Security Agency, and 13 local government offices. These organizations are divided into five regions and have 130 cyber experts on board. READ MORE
4. [Black Hat 2023] Viasat, NSA urge building partnership, sharing their experience amid satellite hack
Las Vegas, NV ― Black Hat ― Forging a partnership between commercial and government entities proves to be pivotal in establishing an effective incident response process, as emphasized by the key players who collaborated to mitigate the unprecedented satellite sabotage that targeted Ukraine in 2022.
During the 26th Black Hat USA event on Thursday, Mark Colaluca, Vice President and Chief Information Security Officer at Viasat, shed light on a common oversight. “For many organizations, incident response is the most neglected muscle group,” Colaluca stated. He also offered insights into the cyberattacks against KA-SAT and expanded on the intricate dynamics at play, explaining, “Most of what we experienced was a complicated ecosystem which involved distributors, salespeople, and satellite people on servers, with many of these people being in different countries and facing a language barrier, making for a chaotic scene in the beginning.” READ MORE
5. [Black Hat 2023] US national cyber director stresses the importance of human element in security
Las Vegas, NV ― Black Hat ― On Thursday, the White House’s acting national cyber director emphasized a crucial point: humans play a vital role in the realm of cyberspace. She also noted the significance of having a robust cyber workforce, adding that the absence of such a workforce poses a significant challenge to the nation’s security.
Kemba Walden, who has been serving as the acting director of the Office of the National Cyber Director since February, recently took the stage as a keynote speaker at the Black Hat USA event. In her address, she spoke to an audience of international security professionals about the groundbreaking National Cyber Workforce and Education Strategy (NCWES) released on July 31. This strategy marks a significant milestone as the first of its kind in this domain.
“We found that people are so integral to cyberspace that we had to do a whole separate strategy,” said Walden. “Some hundreds of thousands of cyber jobs are unfilled and that is a national security problem in my mind.” READ MORE
6. [Black Hat 2023] Disclosing security flaws could damage white hat hackers’ creativity, researcher urges
Las Vegas, NV ― Black Hat ― A security academic raised an important concern on Thursday, highlighting that an organization’s choice to publicly disclose resolved vulnerabilities might inadvertently hinder ethical hackers’ capacity to uncover previously unknown security weaknesses.
At the Black Hat conference, Ali Ahmed, an assistant professor in the Department of Information Systems at the College of Business, University of Wisconsin-Eau Claire, unveiled his ongoing research. This study delves into the intricate connection between bug bounty programs and the behaviors exhibited by white hat hackers participating in these initiatives.
Brian Lee, an assistant professor in the Department of Supply Chain and Information Systems at the Pennsylvania State University, and Amit Deokar, an associate dean of undergraduate programs at the Manning School of Business, University of Massachusetts Lowell, participated in the research. READ MORE
7. [Black Hat 2023] Psychological safety leads to trust by design, GitHub security strategist says
Las Vegas, NV ― Black Hat ― According to insights from a security strategist at GitHub on Thursday, the success of a company’s endeavor to implement two-factor authentication (2FA) for its employees hinges on the concept of psychological safety.
During a briefing session held at Black Hat, John Swanson, the Security Strategy Director at GitHub, delved into the remarkable journey of the world’s largest open-source community, where millions of developers were guided toward adopting two-factor authentication. GitHub’s initiative was driven by the goal of enhancing global safety by safeguarding developers and fortifying the software supply chain right from its inception at the hands of developers.
“In order to reduce the chances of both open source and private software projects being compromised through social engineering or other methods of account takeover, broad use of 2FA remains the best option to harden our ecosystem’s defenses,” elaborated Swanson, introducing his talk. READ MORE
8. [Black Hat 2023] The five coolest vendors at Black Hat USA 2023: Oligo, Veriti, Mobb, SafeBreach, CyberGRX
Black Hat USA 2023 was pure bliss for those of us who are passionate about cutting-edge security innovation. Before the event, The Readable reached out to more than 70 vendors through hundreds of emails and selected around 20 for in-person meetings. In this article, we’re excited to spotlight the five coolest vendors that we met in Las Vegas last week. Our selections are based solely on their innovative contributions and are not influenced by any sponsorships. This article may serve as a roadmap for our readers to discover the latest trends in the cybersecurity industry. READ MORE
More stories this week…
9. [CISA] CISA Names First Chief Artificial Intelligence Officer
10. [NBC] Release of Russian hackers believed to be first U.S. prisoner swap to include international cybercriminals
11. [WSJ] Delta CEO Says CrowdStrike Tech Outage Cost It $500 Million
12. [NPR] Washington Post CEO accused in court of deceiving police about U.K. hacking scandal
13. [Phylum] Report: Q2 2024 Evolution of Software Supply Chain Security