[Weekend Briefing] Balance between data protection and information sharing
By Kuksung Nam and Dain Oh, The Readable
Dec. 23, 2022 6:42PM KST
“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello, this is Kuksung Nam and Dain Oh in South Korea. The Readable recently published a book that contains a summary of its news articles from the third quarter of this year. The book is available to download through the link below. In addition, The Readable has released its first interview article, which provides our readers with fresh perspectives on the cybersecurity industry. Along with our stories that have been prepared for you this week, our entire team wishes you a Merry Christmas!
1. A story from Europe: The ultimate complexity of balancing between protecting and sharing information
Balance is not the first word that comes into one’s mind when thinking about cybersecurity. To most of us, we tend to focus on threat actors such as state-sponsored hackers and advanced persistent threat groups or the types of an attack such as ransomware and malicious code.
However, to an expert who has dedicated more than 25 years in the cyber domain, balance is the essence of cybersecurity. To make cyberspace safe, each country has to find the right balance between protecting data and releasing information.
“You can share, or you can hide,” said Cormac Callanan, the cybersecurity coordinator for the Enhancing Security Cooperation In and With Asia, or ESIWA, to The Readable. “Hiding doesn’t help you.”
On December 15, The Readable met with the cybersecurity coordinator of ESIWA, who was visiting country to participate in the Hongneung Defense Forum’s special session for South Korea and the European Union. ESIWA is a project co-funded by the EU which aims to cooperate in four areas, including cybersecurity with six partner countries in Asia: South Korea, Japan, India, Vietnam, Singapore, and Indonesia. To read the full story, click here.
2. Security expert turned black hat, selling 400K houses’ private videos
The National Police Agency of South Korea arrested a suspect who infiltrated home networks of more than 400,000 private residences and tried to sell the videos and pictures of victims on the dark web. The suspect was confirmed to be a security expert who warned people of vulnerable home networks three years ago.
The Cyber Terror Response Division under the National Office of Investigation announced on Wednesday that they have seized a man who illicitly accessed thousands of home networks from several apartment complexes, recorded videos and pictures inside the residential properties, and attempted to sell them on Raid Forum, a now-defunct underground website on the dark web. The man is accused of violating the information protection law.
According to the police, the suspect committed these crime by exploiting vulnerable wallpads, which are smart home devices that are installed in apartments in the form of tablets and help residents remotely control multiple home related functions through cameras and sensors. From August to November of last year, he managed to access the servers of 638 apartment complexes, penetrating 404,847 housing units where people made their homes. After obtaining access to the wallpads, he secretly filmed inside the houses. To read the full story, click here.
3. Intelligence agency raises alarms about North Korean cyberespionage
The South Korean intelligence agency raised concerns about North Korea, warning that the country will continue their efforts to steal South Korea’s cutting-edge technology, such as semiconductor and defense industry knowledge. The National Intelligence Service claimed on Thursday that North Korean state sponsored hackers will focus on collecting confidential information related to South Korea and the United States policy against the country.
The NIS reaffirmed its concerns regarding North Korea’s illicit cyber activities for financial gain. The intelligence agency estimated that North Korea had stolen about 1.5 trillion won ($1.1 billion) worth of cryptocurrencies worldwide since 2017, with more than half of the total amount being stolen this year, which amounts to approximately 800 billion won ($623 million).
4. North Korean hackers target experts in diplomacy, spreading malicious documents
Malicious documents that were intended to steal sensitive information regarding diplomacy and national security have been spotted by a South Korean cybersecurity firm. The cyber espionage was conducted by a state-sponsored hacking group from North Korea, concluded the firm.
On Tuesday, ESTsecurity warned South Korean experts about being exploited by the North Korean hacking group. The malicious documents were disguised in advisory requests and reference materials, specifically targeting certain experts in diplomacy, national security, defense, and North Korean policies.
According to an analysis by ESTsecurity, the hacking attempts start with phishing emails. The hackers concealed their identities from targets, pretending to have worked for research institutions and government agencies. If a target downloads the attached document, he or she will be led to a phishing website, which looks like a webpage for downloading large files. Once the target clicks the “download” button on the webpage, a fake login popup will show, or another malicious code will be installed on the target’s devices.
“These hackers not only try to steal credential information from the targets, but also make money by heisting cryptocurrencies and working as agents of program developers,” claimed ESTsecurity in its analysis report. “While North Korean hacking attacks are still active at the end of this year, recent attacks are confirmed to have abused certain web servers in South Korea,” informed the report.
5. The Readable: Book of news articles in 2022 3Q
Starting with this copy, The Readable plans to publish its book of news articles every quarter. To read the current copy, click here.
The cover image of this article was designed by Sangseon Kim.
Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.
Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.