Cybersecurity News that Matters

Cybersecurity News that Matters

South Korea, UK warn of North Korea’s hacking attacks after signing new cyber agreement

by Dain Oh, Arthur Gregory Willers

Nov. 23, 2023
12:00 PM GMT+9

Intelligence agencies in South Korea and the United Kingdom issued a joint cybersecurity advisory on Thursday, disclosing hacking techniques adopted by North Korea’s state-sponsored hacking groups.

On November 23, South Korea’s National Intelligence Service (NIS) and the U.K.’s Government Communications Headquarters (GCHQ) jointly published a threat report revealing that North Korea conducted a series of supply chain attacks, targeting popular software.

A supply chain attack is an attempt to break the weakest link in a software chain—in other words, the numerous components made by third-party vendors that constitute the software—through hacking. Once such an attack has succeeded, its impact can be very severe. Specifically, it opens a door that allows threat actors to leverage compromised software in order to use it as a steppingstone to cause further damage or execute future attacks.

In the advisory, the spy agencies referred to two examples: the authentication application MagicLine4NX and the remote communication software 3CX. MagicLine4NX is used by the vast majority of citizens in South Korea while 3CX has 600,000 customers globally. Threat actors exploited vulnerabilities in MagicLine4NX to penetrate South Korean institutions. Moreover, the same actors secretly inserted malicious code into 3CX’s desktop application to steal data from their targets’ web browsers.

The agencies officially confirmed that North Korean hackers were behind these supply chain attacks. They were able to execute the investigation as effectively as they did by pooling their efforts and utilizing the two nations’ security resources to complement one another.

This is the first time that the U.K. government has announced a collective security recommendation with a nation outside the multinational intelligence alliance Five Eyes, comprised of the U.K., the United States, Canada, Australia, and New Zealand. A day before the announcement, the two countries’ leaders had a bilateral summit and signed a new agreement to strengthen their cooperation in cyberspace.

South Korean President Yoon Suk-yeol, left, and Prime Minister of the United Kingdom Rishi Sunak on November 22. The two leaders signed the Strategic Cyber Partnership at this meeting. Source: South Korean presidential office

Coinciding with the 140th anniversary of the establishment of diplomatic relations, the Strategic Cyber Partnership between South Korea and the U.K. was signed during South Korean President Yoon Suk-yeol’s visit to the U.K., which took place from November 20 to November 23. On the first day of his trip, Yoon met with the U.K. Prime Minister Rishi Sunak and agreed to enter into a new partnership, the “Downing Street Accord,” which emphasizes increased technology sharing, cooperation in defense, and mutual support for regional security at sea, on land, and in cyberspace. The cyber agreement came two days after the leaders signed the Downing Street Accord.

“This agreement will serve as a bridge for building a cybersecurity cooperation network with the Five Eyes nations,” stated the South Korean presidential office in a statement on Wednesday. “It is also expected to have a positive impact on future cooperation with other friendly countries, such as Australia,” added the office.

Also according to the statement from the office of the president of South Korea, the Strategic Cyber Partnership stands on three pillars—fortifying cyber ecosystem, increasing common interests, responding to cyber threats—with all working together to enhance cyber defense cooperation and increase the two nations’ collective resilience. Based on the agreement, the two countries will open an official channel to share threat intelligence and request support against cyberattacks. The highest offices in national security of both countries will manage the partnership, while the foreign affairs ministries on both sides will provide practical support.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
  • Arthur Gregory Willers

    Arthur Gregory Willers is a copyeditor at The Readable, where he works to make complex cybersecurity news accessible and engaging for readers. With over 20 years in education and publishing, his exper...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights