Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] Balance between data protection and information sharing

Cormac Callanan, the cybersecurity coordinator for Enhancing Security Cooperation In and With Asia (ESIWA). Picture provided by Cormac Callanan. Image designed by Sangseon Kim, The Readable

by Kuksung Nam, Dain Oh

Dec. 23, 2022
9:42 AM GMT+9

“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.


Hello, this is Kuksung Nam and Dain Oh in South Korea. The Readable recently published a book that contains a summary of its news articles from the third quarter of this year. The book is available to download through the link below. In addition, The Readable has released its first interview article, which provides our readers with fresh perspectives on the cybersecurity industry. Along with our stories that have been prepared for you this week, our entire team wishes you a Merry Christmas!

1. A story from Europe: The ultimate complexity of balancing between protecting and sharing information

Designed by Areum Hwang, The Readable

Balance is not the first word that comes into one’s mind when thinking about cybersecurity. To most of us, we tend to focus on threat actors such as state-sponsored hackers and advanced persistent threat groups or the types of an attack such as ransomware and malicious code.

However, to an expert who has dedicated more than 25 years in the cyber domain, balance is the essence of cybersecurity. To make cyberspace safe, each country has to find the right balance between protecting data and releasing information.

“You can share, or you can hide,” said Cormac Callanan, the cybersecurity coordinator for the Enhancing Security Cooperation In and With Asia, or ESIWA, to The Readable. “Hiding doesn’t help you.”

On December 15, The Readable met with the cybersecurity coordinator of ESIWA, who was visiting country to participate in the Hongneung Defense Forum’s special session for South Korea and the European Union. ESIWA is a project co-funded by the EU which aims to cooperate in four areas, including cybersecurity with six partner countries in Asia: South Korea, Japan, India, Vietnam, Singapore, and Indonesia. To read the full story, click here.

2. Security expert turned black hat, selling 400K houses’ private videos

Infographic that shows phases of home network hacking by the suspect. Designed by Areum Hwang, The Readable

The National Police Agency of South Korea arrested a suspect who infiltrated home networks of more than 400,000 private residences and tried to sell the videos and pictures of victims on the dark web. The suspect was confirmed to be a security expert who warned people of vulnerable home networks three years ago.

The Cyber Terror Response Division under the National Office of Investigation announced on Wednesday that they have seized a man who illicitly accessed thousands of home networks from several apartment complexes, recorded videos and pictures inside the residential properties, and attempted to sell them on Raid Forum, a now-defunct underground website on the dark web. The man is accused of violating the information protection law.

According to the police, the suspect committed these crime by exploiting vulnerable wallpads, which are smart home devices that are installed in apartments in the form of tablets and help residents remotely control multiple home related functions through cameras and sensors. From August to November of last year, he managed to access the servers of 638 apartment complexes, penetrating 404,847 housing units where people made their homes. After obtaining access to the wallpads, he secretly filmed inside the houses. To read the full story, click here.

3. Intelligence agency raises alarms about North Korean cyberespionage

Source: The National Intelligence Service

The South Korean intelligence agency raised concerns about North Korea, warning that the country will continue their efforts to steal South Korea’s cutting-edge technology, such as semiconductor and defense industry knowledge. The National Intelligence Service claimed on Thursday that North Korean state sponsored hackers will focus on collecting confidential information related to South Korea and the United States policy against the country.

The NIS reaffirmed its concerns regarding North Korea’s illicit cyber activities for financial gain. The intelligence agency estimated that North Korea had stolen about 1.5 trillion won ($1.1 billion) worth of cryptocurrencies worldwide since 2017, with more than half of the total amount being stolen this year, which amounts to approximately 800 billion won ($623 million).

4. North Korean hackers target experts in diplomacy, spreading malicious documents

Designed by Sangseon Kim, The Readable

Malicious documents that were intended to steal sensitive information regarding diplomacy and national security have been spotted by a South Korean cybersecurity firm. The cyber espionage was conducted by a state-sponsored hacking group from North Korea, concluded the firm.

On Tuesday, ESTsecurity warned South Korean experts about being exploited by the North Korean hacking group. The malicious documents were disguised in advisory requests and reference materials, specifically targeting certain experts in diplomacy, national security, defense, and North Korean policies.

According to an analysis by ESTsecurity, the hacking attempts start with phishing emails. The hackers concealed their identities from targets, pretending to have worked for research institutions and government agencies. If a target downloads the attached document, he or she will be led to a phishing website, which looks like a webpage for downloading large files. Once the target clicks the “download” button on the webpage, a fake login popup will show, or another malicious code will be installed on the target’s devices.

“These hackers not only try to steal credential information from the targets, but also make money by heisting cryptocurrencies and working as agents of program developers,” claimed ESTsecurity in its analysis report. “While North Korean hacking attacks are still active at the end of this year, recent attacks are confirmed to have abused certain web servers in South Korea,” informed the report.

5. The Readable: Book of news articles in 2022 3Q

Starting with this copy, The Readable plans to publish its book of news articles every quarter. To read the current copy, click here.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Designer:
Stay Ahead with The Readable's Cybersecurity Insights