Cybersecurity News that Matters

Cybersecurity News that Matters

[Weekend Briefing] Intelligence alliance between Korea and UK

by Dain Oh

Nov. 24, 2023
8:55 AM GMT+9

By Dain Oh, The Readable
Nov. 24, 2023 5:55PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.


Hello! This is Dain Oh reporting from South Korea. President Yoon Suk-yeol left Buckingham Palace on Thursday, wrapping up a three-day visit to the United Kingdom which saw the signing of a series of bilateral agreements. Most notably among these, the Strategic Cyber Partnership is of special historical significance as it expresses the determination of South Korea and the United Kingdom to cooperate in cyberspace for the mutual benefit of one another. Two news articles on this landmark agreement are included in this briefing.

The latest findings regarding North Korean hacking attacks were covered by Kuksung Nam. Hackers from Pyongyang continue harvesting cryptocurrencies in creative ways while using phishing emails to access and steal sensitive information from victims in South Korea. A cybersecurity firm’s threat predictions for 2024 and several more stories can also be found in this weekly summary. Enjoy our stories, and we wish you a wonderful weekend!

1. South Korea, UK warn of North Korea’s hacking attacks after signing new cyber agreement

South Korean President Yoon Suk-yeol, left, and Prime Minister of the United Kingdom Rishi Sunak on November 22. The two leaders signed the Strategic Cyber Partnership at this meeting. Source: South Korean presidential office

Intelligence agencies in South Korea and the United Kingdom issued a joint cybersecurity advisory on Thursday, disclosing hacking techniques adopted by North Korea’s state-sponsored hacking groups.

On November 23, South Korea’s National Intelligence Service (NIS) and the U.K.’s Government Communications Headquarters (GCHQ) jointly published a threat report revealing that North Korea conducted a series of supply chain attacks, targeting popular software.

This is the first time that the U.K. government has announced a collective security recommendation with a nation outside the multinational intelligence alliance Five Eyes, comprised of the U.K., the United States, Canada, Australia, and New Zealand. A day before the announcement, the two countries’ leaders had a bilateral summit and signed a new agreement to strengthen their cooperation in cyberspace. READ MORE

2. Full scripts: South Korean President Yoon Suk-yeol’s speech at the British Parliament (November 21, 2023)

The President of the Republic of Korea Yoon Suk-yeol is speaking before the British Parliament on November 21. Source: The UK Parliament

Editor’s note: The President of the Republic of Korea Yoon Suk-yeol spoke before the British Parliament on November 21 during his three-day visit to the United Kingdom, hosted by King Charles III. In his speech, Yoon mentioned “cyber” three times, referring to “new mechanisms for intelligence sharing and cybersecurity cooperation.” Yoon’s visit to the UK coincides with the 140th anniversary of the establishment of diplomatic relations between South Korea and the UK.

On November 20, Yoon met with Rishi Sunak, the Prime Minister of the UK, and agreed to enter into a long-term partnership called the “Downing Street Accord” to elevate the two nation’s cooperation from the Broad and Creative Partnership to the Global Strategic Partnership. The enhanced partnership will focus on increasing technology sharing, defense cooperation, and supporting regional security at sea, on land, and in cyberspace, according to a statement issued by the UK government. READ MORE

3. North Korean hackers compromised more than 1,400 emails to harvest crypto

Designed by Sangseon Kim, The Readable

A North Korean state-sponsored hacking group compromised more than 1,400 individuals through an email phishing attack and then used the stolen credentials to steal digital assets, according to the South Korean police on Wednesday.

On November 22, the Korean National Police Agency (KNPA) disclosed the result of their ongoing investigation into a North Korean hacking group widely known as ‘Kimsuky.’ The South Korean police have been closely tracking the cybercriminals since they discovered, in December of last year, that they were behind the email phishing attack that targeted 49 experts in the fields of diplomacy, unification, national security, and defense.

The cybercriminals sent the malicious emails in April, May, and October of last year with the aim of collecting intelligence. In order to achieve their goals, the hackers posed as journalists and government employees—including posing as secretaries from the office of South Korea’s first elected North Korean-defector lawmaker Tae Yong-ho. READ MORE

4. Data recovery firm indicted for conspiring with ransomware hackers for four years

Designed by Sangseon Kim, The Readable

A South Korean entrepreneur who runs a data recovery firm was indicted on charges of conspiring with ransomware hackers for nearly four years, South Korean prosecutors announced on Monday. An employee of the firm was also indicted under the same charges.

In a press release, the Seoul Central District Prosecutors’ Office stated that the defendants worked with the ransomware hackers from October 2018 to July 2022. They allegedly worked side by side with the criminals and extorted more than 2 billion won ($2 million) from their mutual victims.

According to the statement, once the ransomware hackers encrypted the victims’ computers with malicious code, called the ‘Magniber,’ they shared a piece of detailed information about their attack with a handful of data recovery companies, including that of the accused. Once the Magniber ransomware encrypts a computer, it changes the file name extension into randomized five to ten-digit random lower-case letters. The defendants, under the auspices of their company name, publicized the name of the extension online, hoping to entice desperate victims into contacting them for a solution. READ MORE

5. South Korea’s government network collapsed for nearly 48 hours

Designed by Areum Hwang, The Readable

South Korea experienced a massive breakdown in its government network for nearly two days, leaving citizens and public service workers on edge before its full restoration on Sunday evening.

On November 19, the Ministry of the Interior and Safety (MOIS) held a press briefing and announced that they have fully restored the government network. South Korea faced a sudden network outage in its system early last Friday. The network failure caused various disruptions in the operations of public service workers, as they were cut off from accessing the internal government network called the ‘Saeol.’ It also resulted in the breakdown of online services, which enable citizens to be issued public documents without submitting an application manually to government employees. READ MORE

6. Press Release: Cybersixgill offers threat intelligence predictions for 2024

Designed by Areum Hwang, The Readable

Prediction #1: AI will evolve to become more broadly accessible while cybersecurity vendors continue to address the reliability, diversity, and privacy of data.

  • AI’s value is rooted in the breadth and reliability of data, which Cybersixgill predicts will significantly improve in 2024 as AI vendors advance the richness and fidelity of results.
  • AI will become broadly accessible to practitioners, regardless of their skillset or maturity level.
  • As concerns for data privacy with AI grow, companies will form their own policies while waiting for government entities to enact regulatory legislation. The U.S. and other countries may establish some regulations in 2024, although clear policies may not take shape until 2025 or later. READ MORE

7. [People] Lee Moon-hyung, Country Manager of South Korea, Automation Anywhere

Lee Moon-hyung, Country Manager of South Korea, Automation Anywhere

Lee Moon-hyung was appointed as the Country Manager of South Korea by Automation Anywhere on November 22. Prior to joining Automation Anywhere, Lee worked at AWS, Softomotive, Vormetric, Entrust, and VMware, overseeing the South Korean market. Lee wrote a book on robotic process automation (RPA), which was published in South Korea in June 2020.

8. [People] Mitchell Kim, Vice President & CTO, SSNC

Mitchell Kim, Vice President & CTO, SSNC

The cybersecurity firm SSNC announced on November 21 that Mitchell Kim joined the company as the Vice President and the Chief Technical Officer (CTO). Kim has more than 20 years of experience in cybersecurity consulting. Prior to joining SSNC, Kim served as a cybersecurity leader at Samjeong KPMG, supervising consulting and service businesses.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Author:
Stay Ahead with The Readable's Cybersecurity Insights