By Kuksung Nam, The Readable
May 19, 2023 8:21PM GMT+9
“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello! This is Kuksung Nam in South Korea. Next week, The Readable will be in Singapore to attend the pioneer journalism conference, or the New Now Next Media Conference (N3Con), as members of the Asian American Journalist Association (AAJA). Due to our participation, next week’s weekend briefing will not be published. We will be back in June with the latest cybersecurity news.
This week, the South Korean government announced its plan to invest nearly 400 billion won (almost $300 million) in developing cybersecurity technologies for five years, starting from 2025. The Ministry of Science and ICT stressed the need for a more aggressive approach to defend the country from advancing cyber threats. In addition, a cybersecurity expert from Mandiant, now officially owned by Google, shared his insight on the initial intrusion attack practice most frequently used in the APAC region last year. Alongside these two articles, we have included three other articles published this week. Have a great weekend!
1. South Korea plans to invest nearly 400 billion won in cybersecurity research
The South Korean government announced on Tuesday that they are planning to invest 391.7 billion won (approximately $295 million) in cybersecurity research and development. The announcement comes as the government strives to strengthen its deterrence against the evolving cyber threat landscape. According to an official of the cybersecurity planning division at the Ministry of Science and ICT, the investment will be focused on building proactive capabilities across all domains in cyber threat response. This includes developing technologies in tracking bad actors, sharing intelligence, and training professionals. The official added that the government aims to conduct this national project for five years, starting from 2025.
2. Stolen credentials are most frequently used to intrude in APAC, expert reveals
Cybercriminals actively used stolen credentials to gain initial access to their targets in the Asia-Pacific (APAC) region last year, according to a cybersecurity expert on Wednesday.
Oh Jin-suk, the head of security engineers in South Korea and North Asia at Mandiant, now officially owned by Google, stated that the most prevalent initial intrusion method against organizations in APAC was the reuse of extorted credentials. The company issued a report last April which analyzed approximately 1,100 cases of incident response from January 1 to December 31, 2022. To read the full story, click here.
3. Over 140 companies face fine for demanding private data from applicants
The Ministry of Employment and Labor imposed fines on more than 140 companies over the past three years for breaching the country’s fair hiring procedure act, which prohibits employers from requesting that applicants include personal information in their resumes, such as height, weight, and marital status.
According to the South Korean lawmaker Lee Joo-hwan on Monday, 1,199 cases were reported to the ministry from 2021 to March 2023 and 195 cases were concluded to be in violation of the fair hiring procedure law. The South Korean lawmaker disclosed the numbers based on the report he received from the Ministry of Employment and Labor. To read the full story, click here.
4. Online fraudsters use fake plane tickets to get personal data, researchers warn
Cybercriminals conducted a phishing attack aimed at extorting the personal information of individuals who planned to travel aboard during the holiday season, according to cybersecurity experts.
In a recent report by South Korean cybersecurity firm AhnLab, attackers expected the number of travelers to increase during the holiday season and distributed phishing emails disguised as online plane tickets issued by one of the country’s biggest airlines. South Koreans enjoyed a three-day holiday season from April 29 to May 1 and another from May 5 to May 7, celebrating Labor Day on May 1 and Children’s Day on May 5. To read the full story, click here.
5. Google will delete unused accounts for security reasons
Google will remove accounts and their contents that have been dormant for more than 2 years to protect users from security risks.
In a recent statement, Ruth Kricheli, the vice president of product management at Google, announced their updated policy on inactive accounts. Under the new rule, personal accounts that have not been logged in to for at least two years will be deleted starting from December. This includes account contents within Google Workplace and Google Photos. To read the full story, click here.
The cover image of this article was designed by Areum Hwang.
Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.