By Dain Oh and Kuksung Nam, The Readable
Mar. 3, 2023 8:00PM GMT+9
“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello! This is Dain Oh and Kuksung Nam in South Korea. During this week, there have been a few important announcements regarding cybersecurity around the world. Including those announcements, we have picked five news stories. Our monthly ransomware index report has just been published and is included in this week’s briefing, as well. Have a great weekend!
1. US, South Korea discuss new mechanisms against North Korean threats while announcing National Cybersecurity Strategy
A high-ranking officer in the United States Department of Defense disclosed on Thursday that the U.S. is discussing new mechanisms with the South Korean government to deter North Korean nuclear threats. On the same day, the U.S. Secretary of Defense Lloyd Austin asserted his intention to respond to North Korean provocations in coordination with the Republic of Korea. In the meantime, the White House reidentified the North Korean government as a malicious actor in cyberspace while announcing the National Cybersecurity Strategy.
“What we have been focused on over the last several months, and particularly since President Yoon came into office, is restoring elements of the alliance and elements of deterrence in the U.S. extended deterrence in ways that are in some instances unprecedented in response to what we are seeing out of the North,” said Ely Rattner, the Assistant Secretary of Defense for Indo-Pacific Security Affairs, during a discussion hosted by the Hudson Institute, referring to the working relationship between the U.S. and South Korean defense departments. Rattner further mentioned that the two countries are discussing “new consultive mechanisms” to enhance their understanding of strategic operations. “We have also been doing site visits with senior Korean officials to go to the U.S. strategic sites to actually see and understand and meet with folks there about what we are talking about in a very concrete way,” added Rattner.
On March 2, the Biden administration announced the National Cybersecurity Strategy, recognizing the importance of cybersecurity for the economy and national defense. The strategy indicates that the governments of China, Russia, Iran, and North Korea are malicious actors in cyberspace and are “aggressively using advanced cyber capabilities” to achieve their goals which are mostly against international norms. Emphasizing its responsibilities and the need for collaboration to defend cyberspace, the U.S. government suggested five pillars of its strategy as below.
― Defend critical infrastructure
― Disrupt and dismantle threat actors
― Shape market forces to drive security and resilience
― Invest in a resilient future
― Forge international partnerships to pursue shared goals
2. North Korea hacked activist group over propaganda leaflets
North Korea linked hackers stole the information of an activist group in South Korea who have been floating anti-North Korean propaganda leaflets across the border. The attack, which was conducted last September, was revealed on Friday by South Korean lawmaker Yoon Sang-bum, who received the information from the National Intelligence Service.
According to a document submitted by the NIS, the leaked data included detailed information, such as the profile photos and the dates and locations related to the group’s activities on propaganda leaflets. The nation’s intelligence agency concluded that this data could be used to identify specific individuals and contacted the police to provide personal protection.
The attack was conducted a month after the North Korean leader’s sister Kim Yo-jung had harshly criticized the leaflets, blaming them for the country’s covid-19 outbreak. Activist groups have been sending propaganda leaflets by balloons across the border, raising tension between both countries. In a statement last August, she stressed the need for deadly retaliation against those activities.
3. SK Shieldus being sold to Swedish private equity firm
South Korea’s biggest cybersecurity company is facing a change in ownership as its largest shareholder announced their plan to sell almost half of its shares to a Swedish private equity firm.
Park Jung-ho, the CEO of SK Square, revealed the company’s plan to sell their shares of SK Shieldus to EQT, an investment firm backed by Sweden’s Wallenberg family, during a press conference on Wednesday in Barcelona.
SK Square is the largest shareholder of the country’s top information security company, having a 63.1% stake in the company. The rest of the cybersecurity firm’s shares are owned by a consortium led by Macquarie Asset Management. To read the original reporting, click here.
4.  Forgot Password? How to manage passwords properly
Are you someone who always forgets passwords and finds yourself struggling to reset login information? Welcome to the club! It has only been more and more difficult to remember every single password for different types of online services. Some of us have dealt with this stress by reusing the same passwords for various accounts. However, this action carries significant risks to our lives online and plants the seeds of privacy exposure.
According to research by the cybersecurity industry, the average person reuses the same password as many as 14 times. Moreover, 72% of individuals reuse passwords in their personal lives, and 49% of employees only slightly adjust their passwords when they are forced to change their password at work by adding a digit or a character to the original passwords. On top of that, 73% of users appear to duplicate their passwords in both their personal and professional accounts. To read the full story, click here.
5. Ransomware index report: February 2023
The Readable’s subscribers can access a monthly ransomware report by S2W. The report includes specific numbers about ransomware groups and their victims in addition to the numbers of newly opened data leak sites by ransomware groups. By reviewing these numbers, our readers will be able to get an idea of the overall threat landscape of the ransomware ecosystem. Sojun Ryu for The Readable provides reports representing his team’s work regarding threat intelligence. To read the current report, click here.
The cover image of this article was designed by Areum Hwang.
Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.
Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.