Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] Maritime power, North Korean hackers, wireless security

Designed by Daeun Lee, The Readable

by Dain Oh

May. 31, 2024
8:33 PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.

The South Korean navy hosted nearly a thousand people on its symbolic ship, the Dokdo-ham, on Thursday for an open discussion on maritime power. I attended the conference in person and listened to some of the most authoritative experts in the field. It was remarkable to hear about the complex national security challenges South Korea is currently facing. However, most experts agreed that security is not an issue that a single country can address alone; it requires multinational cooperation. Additionally, many top researchers emphasized the need for an expanded and proactive role for the navy to counter evolving threats. I have documented their insights in this briefing.

The prestigious ACM WiSec conference on wireless security took place earlier this week in Seoul, with Kuksung Nam and Minkyung Shin attending as reporters. The Readable published three articles on the event, highlighting research findings in drone security and data authentication vulnerabilities. Additionally, two news articles on North Korean hackers are included in this briefing, along with stories on Kakao and a new government council.

This is Dain Oh reporting from South Korea, and this is your weekend briefing.

1. South Korean navy poised to expand its role in response to emerging threats

Yang Yong-mo, Chief of Naval Operations for the Republic of Korea Navy, is delivering an opening speech at the 21st Shipboard Symposium taken place on the navy’s Dokdo-ham, an amphibious landing vessel named after a South Korean island, on May 30, 2024. Photo by Dain Oh, The Readable

Incheon, South Korea ― On Thursday, the South Korean navy conducted a public discussion as part of its efforts to gather expertise in maritime security. Nearly a thousand participants gathered on the navy’s symbolic ship, the Dokdo-ham, an amphibious landing vessel named after a South Korean island. The conference took place at the Incheon International Cruise Terminal while the ship was anchored.

“As the Korean Peninsula is enveloped by the ocean, bordered on three sides by different seas, maritime power stands as a cornerstone of our nation’s future,” remarked Yang Yong-mo, Chief of Naval Operations for the Republic of Korea Navy, during his opening speech at the 21st Shipboard Symposium. “Furthermore, strengthening maritime power is not merely an option but a mission, particularly in light of the ongoing hegemonic competition between the United States and China across the Indian Ocean and the Pacific,” emphasized the Chief before the assembled audience. READ MORE

2. Wireless security in the spotlight in South Korea with 210 international experts

Designed by Areum Hwang, The Readable

An international wireless and mobile security conference was held in South Korea for the first time, attracting approximately 210 experts from around the world. On Monday, the Association for Computing Machinery Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) commenced its three-day event.

The ACM, the world’s largest educational and scientific computing society, hosts over 170 events globally through its special interest groups. ACM WiSec is a premier conference sponsored by the ACM and its Special Interest Group on Security, Audit, and Control (SIGSAC). This year’s event, marking the 17th meeting, was organized by the Korea Institute of Information Security & Cryptology (KIISC). READ MORE

3. Researcher explores integration of audio and video detection for countering malicious drones

Ildi Alla, a researcher at Inria Lille-Nord Europe, a research center affiliated with the University of Lille, is delivering a speech at the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec). Photo by Kuksung Nam, The Readable

Seoul — The ACM WiSec Conference — With the rise of drones posing a threat to critical infrastructure, public safety, and privacy due to their affordability and convenient operation, a security expert introduced a new drone detection system on Tuesday that integrates both video and audio detection solutions, enhancing surveillance capabilities against unauthorized drone activity.

Ildi Alla, a researcher at Inria Lille-Nord Europe, a research center affiliated with the University of Lille, presented his team’s work to the international audience at the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec). The researcher, drawing from a research paper titled ‘From Sound to Sight: Audio-Visual Fusion and Deep Learning for Drone Detection,’ emphasized the significance of precisely identifying drones. With their increasing misuse posing a growing threat to infrastructure and public security, accurate detection methods are crucial. READ MORE

4. Researchers warn of potential exploitation of data authentication vulnerabilities by attackers

Aya Fukami, a scientist at the Netherlands Forensic Institute, is revealing her research findings at the ACM WiSec conference on Tuesday. Photo by Minkyung Shin, The Readable

Seoul — The ACM WiSec Conference — On Tuesday, three research groups presented on the topic of cyberattacks at the ACM WiSec conference in Seoul. The researchers highlighted how attackers can exploit vulnerabilities in data protection and authentication to launch such attacks. They emphasized the critical need to safeguard devices and networks from emerging methods of cyber intrusion.

One of the key discoveries presented at the conference was made by Aya Fukami and Richard Buurke, scientists at the Netherlands Forensic Institute. They identified a significant security vulnerability in the Replay Protected Memory Block (RPMB), a secure memory component in digital devices. READ MORE

5. North Korean hackers leverage online games to distribute malware, Microsoft reveals

Designed by Areum Hwang, The Readable

A new North Korean hacking group has allegedly developed an online game and sent compromised emails to their targets while posing as game developers and investors, according to a statement from a United States tech giant on Tuesday.

In a recent blog post, Microsoft Threat Intelligence announced that a new North Korean hacking group had been discovered, one that the company dubbed “Moonstone Sleet.” Microsoft has been developing a system of classification that correlates threat actors from specific regions of the world with weather themes. For example, North Korean threat actors are referred to as “Sleet,” while Russian and Chinese hacking groups are tagged with the names “Blizzard” and “Typhoon,” respectively. READ MORE

6. US Treasury report: North Korean hackers stole $720 million of virtual assets

Designed by Areum Hwang, The Readable

The United States Department of the Treasury revealed that hackers affiliated with the North Korean government stole $720 million worth of virtual assets, funds allegedly diverted to fuel the development of illegal weapons.

On Wednesday, the U.S. Treasury released a groundbreaking report titled ‘Illicit Finance Risk Assessment of Non-Fungible Tokens.’ In this inaugural report, the U.S. government delved into the potential misuse of Non-Fungible Tokens (NFTs) and NFT platforms by illicit actors for money laundering and financing terrorist activities. READ MORE

7. Kakao hit with record $11 million fine for mishandling personal data of upwards of 65,000 users

Designed by Sangseon Kim, The Readable

Kakao, South Korea’s leading mobile messaging firm, faced a record $11.1 million (15.1 billion won) fine from the country’s privacy regulator for mishandling the personal data of more than 65,000 users.

In a press briefing held on May 23, the Personal Information Protection Commission (PIPC) announced that Kakao had been fined $11.1 million for violating the country’s privacy laws, citing a failure to adequately safeguard users’ information. The PIPC further noted that the company, boasting more than 85% of the country’s population as its users, also faced an additional fine of $5.7 thousand (7.8 million won) for neglecting to report the data breach to the commission and its clients. READ MORE

8. South Korea launches security council to strengthen critical infrastructure resilience

Designed by Areum Hwang, The Readable

On Tuesday, the South Korean government formed a comprehensive council to enhance the resilience of the nation’s critical infrastructure amid escalating threats.

In a press release, the Office of the President announced that a meeting was held with various government agencies, leading to the creation of a pan-government security council aimed at safeguarding the nation’s critical infrastructure. Chaired by Wang Yun-jong, the third deputy director of national security, the meeting included representatives from eleven organizations, such as the National Intelligence Service, the Ministry of Science and ICT, the Ministry of Foreign Affairs, and the Ministry of Environment. READ MORE

9. Top court upholds engineering professor’s prison term for leaking tech to China

Designed by Areum Hwang, The Readable

South Korea’s Supreme Court upheld a lower court’s decision on Thursday, sentencing an engineering professor to a two-year prison term for leaking vital autonomous vehicle technologies to China.

In a press release, the top court stated that they rejected the defendant’s appeal and found him guilty of violating the Industrial Technology Protection Act. According to court documents, the defendant, a professor at the School of Electrical Engineering at Korea Advanced Institute of Science and Technology (KAIST), leaked industrial technologies to approximately 30 researchers at Chongqing University of Technology from November 2017 to February 2020.

The defendant granted the Chinese experts access to OneDrive, a cloud storage service that only researchers at KAIST are authorized to use for sharing their work. Under the defendant’s orders, researchers at the South Korean university uploaded data on crucial sensor technologies for autonomous vehicles, such as LIDAR (Light Detection and Ranging), to OneDrive, enabling Chinese researchers to download the information at any time.

The court stated that the defendant was selected as a foreign expert in the Thousand Talents Program (TTP), a Chinese government-run project, in 2017. As part of this participation, he signed an employment contract with the Chinese university and conducted a research project on technologies relevant to LIDAR. “[The defendant] wanted to fulfill his contract with the TTP and share the works of KAIST with the Chinese researchers so that they could apply them in their studies,” the court stated.

The court also found the defendant guilty of fraud and embezzlement. Kuksung Nam, The Readable

More stories this week…

  1. [CNBC] DOJ charges Chinese national with operating ‘world’s largest botnet’ that stole $5.9 billion in Covid relief funds
  2. [AP] Europe’s cybersecurity chief says disruptive attacks have doubled in 2024, sees Russia behind many
  3. [NYT] OpenAI Says Russia and China Used Its A.I. in Covert Campaigns
  4. [Guardian] Spying, hacking and intimidation: Israel’s nine-year ‘war’ on the ICC exposed


Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights