By Dain Oh, The Readable
Jan. 19, 2024 8:52PM GMT+9
“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
Hello! This is Dain Oh reporting from South Korea. This week, two new faces covered headlines in the nation’s cybersecurity news outlets as the government confirmed leaders to safeguard jobs in cyberspace. South Korea’s cybersecurity policies are enforced along two pathways. The National Intelligence Service (NIS) takes charge of cybersecurity in the public sector while the Korea Internet & Security Agency (KISA) looks after citizens’ online security in the private sector. News articles regarding the two new leaders are covered in this briefing.
For our team on The Readable, two new faces have joined us as reporting interns. Please welcome Chanwoo Yong and Hongeun Im and look forward to the stories that they will soon bring to you. Brief introductions to our new reporters can be found below. Enjoy our stories, and we wish you a wonderful weekend!
1. Thailand agrees to cooperate with South Korea to counter cyber threats
South Korea and Thai officials agreed to cooperate against cyber threats from North Korea, the Ministry of Foreign Affairs (MOFA) announced on Wednesday.
Lee Jun-il, Director-General for the North Korean Nuclear Affairs Bureau, discussed cyber threats from North Korea with Bolbongse Vangphaen, Deputy Director-General of the Department of ASEAN Affairs at the Thailand Ministry of Foreign Affairs, and Luejit Tinpanga, Director of International Security Affairs at the National Security Council (NSC) of Thailand on January 16. Lee hosted a roundtable discussion on security threats from North Korea and later met with local media and international relations experts.
The meeting was convened to address a recent spike in North Korean cyberattacks on ASEAN countries as well as threats across the Korean Peninsula. Lee discussed the matter in Thailand, since the country will be the next Korea-ASEAN communication coordinator, beginning in August 2024 and ending after three years.
The officials conferred about the increase in North Korea’s IT personnel activities in Southeast Asia, a factor that may lead to cyber threats, and agreed to continue their discussions on determining ways to cooperate to address this issue. Lee also pointed out that North Korea is causing damage throughout the world beyond the ASEAN countries by hacking and stealing virtual assets. As South Korea is a primary target for North Korea, particularly after North Korea’s supreme leader, Kim Jung Un, declared that South Korea is the DPRK’s “biggest enemy” in the Supreme People’s Assembly on January 16, Thailand and South Korea agreed to cooperate in addressing this matter.
In addition, Lee stated that the Korean government will continue to support the cyber defense of ASEAN, protecting member nations from North Korean cyber threats and corresponding to “enhance ASEAN countries’ response capabilities to assist in handling virtual asset theft,” an initiative which began in October of last year. The project has provided education on cyberattacks against ASEAN countries, including Thailand. By Hongeun Im
2. GPS vulnerabilities in commercial airplanes
Aviation leaders will meet this month to tackle safety concerns arising from cyberattacks that spoof GPS systems, as reported by Reuters. These attacks have steered commercial aircraft off course, and the surge in GPS interference poses a threat to aviation security. To help explain this critical issue, this report will discuss general security challenges in civilian aviation without disclosing specific vulnerabilities.
To understand GPS safety concerns, the difference between GPS spoofing and GPS jamming must be noted. Spoofing is the practice of transmitting counterfeit signals to devices in order to deceive them into miscalculating locations. Jamming, on the other hand, uses radio frequency interference to overwhelm receivers with noise, rendering them unable to discern genuine satellite signals. Both issues pose problems but in different ways–one through manipulation, the other through confusion with interference. READ MORE
3. South Korea faces possible data breach affecting more than 1 million volunteer workers
The Korea National Council on Social Welfare disclosed a possible data breach that could affect more than one million volunteer workers, issuing a notification to users to change their passwords to prevent further damage.
On January 17, the Korea National Council on Social Welfare, which is an affiliate organization of the Ministry of Health and Welfare, said that the Volunteer Management System (VMS) suffered an intrusion on its website on January 7. VMS is a system where volunteers register their work in order to receive official certification for their efforts. It also works as a meeting place, connecting volunteer workers and recruiters. More than nine million volunteers are registered with the VMS. READ MORE
4. [People] South Korea appointed national security advisor as new chief of intelligence agency
Cho Tae-yong, South Korea’s national security advisor, is starting a new career as the South Korean government has finalized the appointment making him new head of the country’s intelligence agency.
In a January 17 press release, the National Intelligence Service (NIS) reported that during the inaugural ceremony Cho stressed that he would strive to build a stronger organization and a more trustworthy agency for South Korean citizens. The release further noted Cho’s comments on the crucial tasks the intelligence agency currently confronts.
“North Korea’s ambition to advance and deploy their nuclear and missile weapons programs has become more conspicuous. In addition, festering diplomatic and national security issues, such as the strategic conflict between the United States and China, are approaching a breaking point,” explained the new director. Facing a situation where national security has become intertwined with the economy, Cho requested that officials fortify their expertise and strategic mindset to prepare for the challenges ahead. READ MORE
5. [People] Korea internet security agency assigns new director
The Korea Internet & Security Agency (KISA) appointed Lee Sang-joong as their new director, who succeeded the former director to become the 7th head of the agency. Director Lee officially began his tenure with an inauguration ceremony held on January 18 at KISA headquarters in Naju, Jeollanam-do.
Lee has served as head of the cyber investigation unit at the Supreme Prosecutors' Office and as director of the Internet Crime Investigation Center at the Seoul Central District Prosecutors' Office, where he contributed to the nation's cyber investigation efforts. Since 2021, he has served as the director of the Cybersecurity Research Institute at Gumi University, recognized for his expertise and experience in cyber security policy, hacking response, digital forensics, and AI security.
In his inaugural speech, Lee stated that issues such as hacking and personal data breaches are rapidly threatening the digital world, not only by affecting the daily lives of citizens but also by hindering corporate growth and posing threats to national security. Lee said, “Creating a safe cyber environment for citizens and businesses and realizing a digitally secure nation will remain KISA’s key missions.”
Lee also outlined several objectives for KISA’s future: setting new visions and goals for a digitally safe society, strengthening the nation’s capabilities in information security and digital expertise organization, and promoting high-functioning, honest, and healthy organizational development through management innovation. By Chanwoo Yong
6. [People] Korean cybersecurity academic welcomes new president
Ha Jae-cheol took office as the 29th President of the Korea Institute of Information Security & Cryptology at the organization’s first meeting this year in Seoul. As the former president Won Yoo-jae handed over the position to the newly appointed president on Friday, Ha officially started his one-year term as president. Ha has been teaching at Hoseo University since 2007, after serving at Korea Nazarene University. He graduated from Kyungpook National University, where he received a PhD in electrical engineering. Since its establishment in 1990, the Korea Institute of Information Security & Cryptology has served as the nation’s most prestigious think tank on cybersecurity, acting as the nation’s primary research hub. By Dain Oh
7. Meet our new reporters: Chanwoo Yong, Hongeun Im
Chanwoo Yong is a reporting intern for The Readable. Majoring in cybersecurity at Korea University, Yong has an intense interest in cybercrime and cybercriminals as well as a passion for making cybersecurity and its surrounding issues understandable to the general reader. Yong aspires to become a bridge between cybersecurity experts and the public by translating the experts’ language into layman’s terms the public can understand. Yong has worked as a data engineer for an AI Platform belonging to Korea University Anam Hospital, where he participated in research titled “Deep Learning-Based Prediction Model for Gait Recovery after Spinal Cord Injury.”
Hongeun Im is a reporting intern for The Readable. Motivated by her aspirations in cybersecurity and aided by the language skills she honed while living in the United Kingdom, Im aims to write about security issues affecting the Korean Peninsula and lead more people to become interested in cybersecurity. She attends Gwangju Institute of Science and Technology, majoring in Electrical Engineering and Computer Science. Her interest in computer science led her to participate in the World Friends Korea volunteer program, where she taught Python at the Digital Government Center in Laos and at Al-Balqa Applied University in Jordan.
8. A glimpse inside a Chinese influence campaign: How bogus news websites blur the line between true and false
Editor’s note: Kuksung Nam’s investigative reporting which was published on January 12 has been updated to include a comment by the Korea Communications Standards Commission (KCSC) and the National Intelligence Service (NIS). READ MORE
More stories this week...
9. [Mandiant] Ivanti VPN exploited by hackers, using new zero-day vulnerabilities
10. [Skyhigh Security] White paper: Data protections for financial services institutions
11. [ProPublica] How Walmart’s financial services became a fraud magnet
The cover image of this article was designed by Areum Hwang. This article was copyedited by Arthur Gregory Willers.
Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.