By Kuksung Nam, The Readable
Mar. 10, 2023 8:00PM GMT+9
“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello! This is Kuksung Nam in South Korea. This week, Chinese-made security cameras have yet again been brought into question across the country as video footage of patients in a plastic surgery clinic was exposed online. In addition, two global tech giants have made the headlines as they decided to challenge South Korea’s privacy regulator in court over the agency's decision to impose a fine of 100 billion won ($75 million). On one hand, South Korea is preparing for a tough legal battle; however, on the other hand, a long dispute between South Korea’s military and a cybersecurity company has come to an end. In addition to these three stories, we have included two other news stories and one opinion article for our readers. Have a great weekend!
1. CCTV footage from plastic surgeon’s office dispersed onto obscene websites
Camera footage that shows medical examinations in a plastic surgeon’s office in Seoul has been exposed online and is being circulated through obscene websites based in China. The South Korean police launched an investigation to trace the initial cause of the breach.
The Seoul Metropolitan Police conducted an on-site investigation at one hospital located in Gangnam on Tuesday regarding a recent security incident that laid bare private scenes of medical examinations for plastic surgery procedures. According to multiple local news outlets, the exposed videos were recorded from February 24 to February 28, documenting dozens of patients receiving medical consultations and procedures.
The hospital specializes in body sculptures for women, such as fat transfer and breast augmentation. Among the victims of the security breach, a celebrity was reportedly included. The total volume of the videos reaches 1.5 gigabytes. To read the full article, click here.
2. US, South Korea working group targets North Korea’s crypto heist
The United States and South Korea convened the third meeting of the working group to discuss how to strengthen the international partnership against North Korea’s malicious cyber activities. According to the Ministry of Foreign Affairs and the U.S. Department of State on Thursday, Lee Jun-il, the South Korean foreign ministry’s director-general of North Korean nuclear affairs, and Jung Park, the U.S. deputy special representative for the Democratic People's Republic of Korea, met in Washington D.C. on March 7. The South Korean foreign ministry stated that both parties addressed a more active approach against North Korea’s cryptocurrency heist and ways to strengthen their efforts to confront fraudulent activities of North Korean IT workers stationed aboard.
3. South Korean military and antivirus firm end legal battle over data breach
The South Korean defense ministry and two information technology companies have ended their years long legal battle over a serious cyberattack incident involving North Korean hackers. According to the Seoul High Court on Friday, none of the parties appealed to the court’s ruling before the deadline. The Seoul High court on February 16 ruled that evidence is insufficient to support the military’s claim that the hacking incident was caused by the negligence of the antivirus company Hauri. In October of 2017, the military department filed a 5 billion won ($4 million) lawsuit against LG CNS and the antivirus company Hauri for damages caused by the North Korean hackers who broke into national defense networks and stole military secrets from 3,200 computers.
4. Meta, Google challenge South Korea’s privacy watchdog in court
A South Korean regulator is bracing for a legal battle with Facebook parent Meta and Google after the companies filed a lawsuit last month against the privacy watchdog’s decision to give them the largest fine in the agency’s history, 100 billion won ($75 million), for violating the nation’s privacy law.
According to the Personal Information Protection Commission (PIPC) on Wednesday, the two companies have filed an administrative lawsuit against the organization on February 7 and 13 respectively, refuting all of the orders the regulator has imposed upon them. Companies can file a suit within 90 days after they have been formally notified if they disagree with the privacy watchdog’s conclusion. To read the full article, click here.
5. South Korea to host UN tech group’s cybersecurity meeting in August
South Korea has been selected to be the venue for an intergovernmental meeting on cybersecurity, which operates under the United Nation’s technology group, in the second half of this year.
The Ministry of Science and ICT said in a statement on March 4 that the meeting of Study Group 17 of the International Telecommunication Union’s telecommunication standardization sector (ITU-T SG17) will be held from August 29 to September 8 in the Korea International Exhibition Center. To read the full article, click here.
6. [Opinion] Automating firewall policy management: enhancing security and efficiency in spite of the talent shortage
In today’s digital age, security threats are constantly evolving, making it increasingly difficult for organizations to keep their networks and data secure. One of the key components of network security is the firewall, which acts as a barrier between an organization’s internal network and the outside world. Firewall policies determine what traffic is allowed to pass through the firewall and what is blocked, making them a critical component of network security.
However, managing firewall policies manually can be a daunting task. It’s time-consuming and error-prone, which can lead to misconfigured policies that can leave an organization’s network vulnerable to cyberattacks. However, as the demand for skilled cybersecurity professionals has increased, there has been a global cybersecurity manpower shortage, making it increasingly difficult for organizations to find and recruit the talent they need. According to a report by (ISC)², the global cybersecurity workforce shortage is expected to reach 1.8 million by 2022. To read the full article, click here.
The cover image of this article was designed by Areum Hwang.
Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.