[Weekend Briefing] Nations to hack

Updated Mar. 29, 2024 9:45PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.

The United States Department of Justice has indicted hackers backed by the Chinese government, unmasking the individuals involved. Additionally, two countries from the Five Eyes intelligence alliance have leveled accusations against China. Beijing, however, has denied any involvement in the alleged cyber operations. Meanwhile, in South Korea, it was disclosed that there had been attempts to hack satellites at the end of last year, although it remains uncertain whether these efforts successfully breached their intended targets.

Collaborative efforts among cybersecurity defenders are gaining momentum. Numerous organizations have entered into agreements aimed at bolstering their threat response capabilities and enhancing security research. This article includes details on two such agreements. Additionally, it covers the escalation of penalties for trade secret theft and features a guest article on operational technology.

This is Dain Oh reporting from South Korea, and here is your weekend briefing.

1. US indicts seven Chinese hackers; China denies allegations

On Monday, the United States government announced the indictment and imposition of sanctions on Chinese state-sponsored hacking groups. These groups are accused of targeting high-level U.S. officials through various malicious cyber operations.

The indictment, unsealed by the U.S. Department of Justice, charges seven hackers with ties to the Chinese government. These individuals, referred to as threat actors, specifically targeted U.S. government officials, lawmakers, American businesses, and individual dissidents who are afforded protection under American laws.

The hackers, believed to be operating out of China, include the group known as Advanced Persistent Threat 31 (APT31), identified as a malicious cyber group. Since 2010, this group has conducted its cyber operations through Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ). READ MORE

2. South Korean satellites targeted in cyberattacks last December

A national satellite facility situated in the southwest of the Korean Peninsula was the target of hacking attempts three months ago, as reported by several local news outlets this week. While the South Korean government has confirmed these attempts, it has not disclosed whether the hackers were successful in infiltrating the facility, stating only that necessary countermeasures were taken.

The Korea Satellite Operations Center, located on Jeju Island and inaugurated in late 2022, is a collaborative effort between the Ministry of Science and ICT and the National Intelligence Service under the auspices of the Korea Aerospace Research Institute (KARI). It manages low Earth orbit satellites, including the multipurpose KOMPSAT-3, also known as Arirang-3, which is primarily tasked with capturing high-resolution images of Earth.

As part of a broader national space economy initiative, the center is poised to become part of the forthcoming Korea Aerospace Administration, set to be established in May. The specifics of the hacking attempts, including the motives and the identities of the perpetrators, remain undisclosed. By Dain Oh, The Readable

3. Trade secret theft could result in up to 18 years of imprisonment

South Koreans could face up to 18 years in prison for leaking crucial national technologies abroad, following a new set of guidelines established by the Supreme Court, set to take effect in July.

On Tuesday, the Sentencing Commission announced the finalization of amendments to sentencing guidelines concerning technology theft. These revisions were made during a plenary session on March 25 and will be applicable to complaints filed after July 1. Affiliated with the Supreme Court, the commission initiated a review of the guidelines in June of the previous year and prepared a draft of the revised guidelines last January.

In line with the draft proposals, the commission has decided to implement new guidelines for crimes related to the leaking of national core technologies to foreign entities. Individuals found guilty of appropriating core technologies and transferring them overseas could face up to 18 years in prison. A total of 75 technologies have been identified as national core technologies, recognized for their significant impact on national security and the economy. These include technologies integral to the semiconductor, display, automotive, and shipbuilding industries. READ MORE

4. Opinion: Guardians of the industrial realm: Cybersecurity challenges in operational technology in 2024

Today, numerous organizations are rapidly merging operational technology (OT) and information technology (IT) networks. This integration is aimed at leveraging the data collected by physical machinery and devices within the Industrial Internet of Things (IIoT). By harnessing this information, organizations can pinpoint issues more effectively and boost their overall efficiency.

In addition, the dismantling of silos between IT and OT departments lessens the need for physical space and hardware. This convergence of IT and OT also leads to faster deployment times, cost reductions, and improved operational efficiency.

However, this merging of OT and IT networks significantly increases the need for cybersecurity. The constantly evolving and increasingly sophisticated cyber threats can now penetrate previously isolated OT environments. This vulnerability prevents many companies from fully benefiting from the integration of OT and IT networks. Below is an overview of the current threat landscape in 2024 and the potential risks organizations should be prepared for. READ MORE

5. National Intelligence Service partners with KAIST to strengthen cybersecurity research

On Tuesday, South Korea’s National Intelligence Service (NIS) and the Korea Advanced Institute of Science and Technology (KAIST) entered into a memorandum of understanding to join forces in cybersecurity research. A press release from the event detailed plans to set up a ‘cybersecurity research center.’ This new initiative aims to spearhead the development of cutting-edge national security technologies, with a focus on artificial intelligence and post-quantum cryptography. The signing ceremony saw key figures in attendance, including Cho Tae-yong, the Director of the NIS; Yoon Oh-jun, the Third Deputy Director of the NIS; Lee Kwang-hyung, President of KAIST; and Bae Joong-myeon, Director of the KAIST Institute for Security Convergence. By Dain Oh, The Readable

6. Financial Security Institute partners with National Data Center to boost cyber threat response

On Tuesday, the Financial Security Institute (FSI) and the National Intelligence Resource Service (NIRS) formalized a memorandum of understanding to enhance their response capabilities to cyber threats. The FSI is responsible for monitoring cyber threats targeting financial institutions, whereas the NIRS manages cybersecurity for South Korean government agencies and operates the country’s national data center for the administrative sector. The collaboration outlines a series of joint efforts including the sharing of threat intelligence, coordination in incident response, and promoting the secure adoption of emerging technologies. The agreement was signed by Kim Chul-woong, President of the FSI, and Lee Jae-yong, President of the NIRS. By Dain Oh, The Readable

More stories this week…

7. [WSJ] U.S. Publishes Draft Federal Rules for Cyber Incident Reporting

8. [Guardian] Julian Assange wins temporary reprieve in case against extradition to US

9. [BBC] Moscow attack: Debunking the false claims

10. [Mimecast] Report: Defending against ransomware

Please leave this field empty

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

Email Address *

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

Your subscription to The Readable's newsletter has been successfully processed. Welcome to our community of cybersecurity enthusiasts and experts!