“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Journalists for The Readable select important news stories from the previous week. Topics encompass privacy, cybercrime, and policy development in cybersecurity. There are no costs involved with a subscription, and some content, such as industrial reports, is only available to those who subscribe to our newsletters.
Hello! This is Dain Oh reporting from South Korea. Here is your weekend briefing.
1. South Korea launches AI privacy team to address security concerns
South Korea’s privacy regulator officially launched a team dedicated to addressing the concerns regarding artificial intelligence on Friday. The new unit is tasked with assisting South Korean firms to consider users’ privacy from the early stage when they develop products and services that leverage AI technologies.
According to a statement released by the Personal Information Protection Commission (PIPC), the new unit, called the AI privacy team, started its operation on October 6. The AI privacy team is placed under the supervision of the PIPC’s director general for personal information policy.
The privacy agency is preparing to launch a pilot program this month that aims to exempt the companies from possible further penalties once they work side by side with the privacy agency during the initial phases of their AI-infused products and services development. In addition, the privacy watchdog stated that the team will provide legal consultations to AI companies to lessen their confusion related to privacy regulations. READ MORE
2. Korean man charged for creating AI-generated child pornography
South Korean prosecutors have formally pressed criminal charges against an individual accused of utilizing cutting-edge artificial intelligence technology to produce explicit content involving minors.
On August 2, the Busan District Prosecutors Office announced the indictment of a man in his forties for alleged violations of the act on the protection of children and youth against sex offenses. In accordance with the country’s legal framework, the individual could potentially face a sentence of life imprisonment or a minimum of five years in prison for the production of explicit content involving minors.
As stated by the Prosecutors Office, the accused is alleged to have produced approximately 360 instances of sexual content involving virtual minors through the use of a generative AI tool. Reportedly, the suspect input phrases such as “10-year-old” and “naked” into the prompt of the program, which was installed on his laptop computer in April. The specific name of the image generator has not been revealed by South Korean law enforcement. READ MORE
3. North Korean hackers targeting shipbuilding industry, spy agency says
North Korean hackers have been targeting South Korean shipbuilding industry intensively with an aim to reinforce their maritime force, South Korean intelligence agency revealed on Wednesday. The National Intelligence Service did not confirm whether the hackers succeeded in stealing industrial secrets, but said they spotted multiple attempts over the last two months.
“North Korean hackers tried to circumvent their target systems’ security by occupying third-party vendors while distributing phishing emails to internal employees of the targeted companies,” the spy agency disclosed in a press release. READ MORE
4. North Korean cyber threats are shifting towards social engineering, the latest research by Mandiant reveals
While Pyongyang continues to finance its nuclear weapons development through cyber extortion tactics like ransomware attacks and cryptocurrency heists, security experts are sounding the alarm on a recent shift in North Korean hacking methods. The new approach doesn’t rely on technical prowess, but rather employs simple disguises to pose as ordinary individuals for intelligence gathering.
Michael Barnhart, Principal Analyst at Mandiant for Google Cloud, unveiled new research on North Korea’s evolving social engineering tactics during a session at the Mandiant Worldwide Information Security Exchange (mWISE) conference on September 18. In a session aptly named “High volume and low sophistication,” Barnhart recounted a real-world incident targeting 38 North, a publication by the Stimson Center that offers policy analysis on North Korea. Jenny Town, Director of 38 North, also joined the presentation, shedding light on the events of that particular day.
“The cyber threat group is not hacking us anymore. These days, they do not start with the hacking aspect generally. It is a lot of social engineering,” said Town. In the realm of information security, social engineering involves the artful use of deception to manipulate individuals into disclosing confidential or personal information, often leveraged for fraudulent activities. READ MORE
5. Foreign ministry faces criticism over security measures in diplomatic missions
The South Korean foreign ministry is facing criticism from South Korean lawmaker regarding their inadequate security measures in diplomatic missions.
South Korean lawmaker Lee Won-wook disclosed on Wednesday that the country’s diplomatic missions did not fully participate in the programs of security requirements. According to a statement released by his office, South Korea has opened 190 diplomatic missions abroad and more than half of them have not satisfactorily taken their security courses over the past three years. Lee revealed his findings based on documents submitted by the Ministry of Foreign Affairs (MOFA). READ MORE
6. Cyberattacks against South Korea’s weather agency spiked
South Korea’s weather agency is facing a wave of increase in bad actors who are trying to infiltrate the agency and its relevant organizations.
The Korea Meteorological Administration (KMA) detected more than 4,000 cases of cyberattacks deployed against the organization and its 18 affiliated offices last year, according to South Korean lawmaker Woo Won-shik on Thursday. The number spiked nearly 278% compared to six years ago. The lawmaker stated that KMA discovered 1,095 cases of hacking attempts in 2016. READ MORE