“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
Since 2012, the second Wednesday of July has been recognized as Information Security Day in South Korea. During this year’s celebration, a white hat hacker emphasized the importance of adopting an offensive approach to cyber defense. “We can monitor adversaries’ activities by infiltrating their systems in advance,” said Park Chan-am, CEO of STEALIEN, in his keynote address. Kuksung Nam reported on his remarks, while Minkyung Shin captured key messages from high-level officials at the event.
South Korean President Yoon Suk-yeol attended a North Atlantic Treaty Organization (NATO) summit this week, where significant discussions took place regarding the current threat landscape. During the summit, member nations agreed to strengthen their cooperation against disruptors of peace, including Russia and North Korea, by enhancing intelligence sharing.
A must-read feature story by Hongeun Im explores the topic of confidential computing. For more insights, you can also find news on artificial intelligence, disinformation operations, North Korean hackers, fake applications, and supply chain security below.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. White hat hacker underscored offensive capabilities to defend against cyber threats
A South Korean white hat hacker emphasized on Wednesday the importance of taking an offensive approach in defending the country against cyber adversaries, suggesting that domestic cyber weapons be developed that are capable of deployment in crucial situations.
Park Chan-am, Chief Executive Officer at the South Korean cybersecurity company STEALIEN, noted that cyber electronic warfare has evolved to encompass all fronts, including space, land, sea, and air. His speech was delivered at the 13th Information Security Day Celebration held in Seoul. Since 2012, the South Korean government has designated the second Wednesday of July as Information Security Day, in remembrance of the nation falling prey to a massive distributed-denial-of-service (DDoS) attack on July 7, 2009, an event in which major government, news media, and financial websites were targeted by a large-scale botnet attack. READ MORE
2. South Korea emphasizes importance of cybersecurity with information security day event
The South Korean government marked its 13th Information Security Day with a conference and celebration. The event brought together domestic and international cybersecurity leaders and experts for keynotes, awards, and speeches.
Every second Wednesday of July is designated as Information Security Day by the South Korean government. The 13th Information Security Day event was held in Seoul, South Korea, featuring keynotes from three cybersecurity leaders, a conference with ten security experts, and an exhibition showcasing 18 security companies. READ MORE
3. South Korean President stressed strengthening cyber cooperation with NATO, including international exercise
On Thursday, South Korean President Yoon Suk-yeol emphasized the strong partnership that exists between the Republic of Korea and the North Atlantic Treaty Organization (NATO) in securing cyberspace against emerging threats. The two parties are deepening their cooperation, with NATO member states expected to join in a cyber exercise in Seoul.
In a meeting with NATO Secretary General Jens Stoltenberg, President Yoon stated that South Korea has been building strong solidarity with the military alliance of European and North American countries for the past three years. President Yoon was the first South Korean leader to participate in a NATO summit since 2022. The bilateral meeting took place on the last day of the NATO summit, which was held in Washington from July 9 to 11. READ MORE
4. NATO to enhance information cooperation with South Korea, says Secretary General
The North Atlantic Treaty Organization (NATO) is looking to enhance information-sharing systems between itself and South Korea to bolster the security of both entities, according to the NATO Secretary General on Wednesday.
NATO Secretary General Jens Stoltenberg informed reporters that NATO is seeking “better systems and methods for the exchange of information” between South Korea and its 32 member states. Stoltenberg emphasized that this initiative aims to enhance the overall security of both parties. The statement was made at the outset of the second day of the NATO summit held in Washington from July 9 to 11. READ MORE
5. Russia created nearly 1,000 AI-generated social media accounts to spread disinformation, says US Justice Department
On Tuesday, the United States Department of Justice announced in a press release that Russia had generated and orchestrated 968 social media accounts using an artificial intelligence ‘social media bot farm’. These accounts falsely posed as Americans, disseminating disinformation within the U.S. and internationally.
The Justice Department reported identifying 968 social media accounts on the platform X (previously known as Twitter) and seizing two domains matching the email addresses associated with these accounts. The Department disclosed that it had taken steps which led to the suspension of the X bot accounts, which were impersonating Americans. The accounts in question frequently posted content defending the Russian government and justifying Russia’s invasion of Ukraine in April 2022. READ MORE
6. Experts highlight the need for software supply chain security regulations
The “2024 Supply Chain Security Workshop” was held on July 11, where experts discussed the new “Software Supply Chain Security Guidelines 1.0,” announced on May 13. The experts emphasized the importance of the guidelines and agreed that industry-specific legislation should be implemented.
The “Software Supply Chain Security Guidelines 1.0” is a set of standards developed by a joint project involving the National Intelligence Service (NIS), the Ministry of Science and ICT (MSIT), and the Presidential Committee on the Digital Platform Government (DPG). These guidelines are the first in South Korea to introduce the Software Bill of Materials (SBOM) method, which lists all components and sources of software to track vulnerabilities. The guidelines outline how software developers, suppliers, and management companies should create and manage SBOMs. READ MORE
7. Feature: How big tech companies are using confidential computing to guarantee privacy
In recent years, leading tech companies have shown increasing interest in confidential computing, integrating it into their services. Multiple conferences focused on this technology were held in the first half of this year, including the GPU Technology Conference (GTC) and the Open Confidential Computing Conference (OC3) last March. Additionally, the Confidential Computing Summit, organized by the Confidential Computing Consortium (CCC) – which includes members like Microsoft, Google, Intel, and Nvidia – took place in June. This article will explain the applications of confidential computing and why it has garnered significant attention from major tech companies.
Confidential computing is an emerging technology in cybersecurity that ensures data remains secure even during computation and analysis. Traditionally, security concerns focused on data at rest or in transit. However, with the widespread use of cloud services in artificial intelligence, securing data in use has also become crucial. Since cloud services involve sharing CPUs or databases provided by third parties, there are concerns that cloud service providers might access an AI model’s training data while it is being processed in the CPU or GPU. Confidential computing addresses these concerns by ensuring that data in use remains inaccessible to unauthorized parties. READ MORE
8. Unification ministry warns of North Korea’s hacking in new publication
The National Institute for Unification Education (NIU), which falls under the Ministry of Unification and oversees unified education in both South and North Korea, released a publication titled ‘2024 Understanding North Korea’ on Monday.
The NIU has been releasing this publication annually since 1974 and distribute it to educational institutions. However, this is the first time that an issue describes cyber threats emanating from North Korea through a separate category. READ MORE
9. Human rights commission urged implementation of AI assessment in government policies
South Korea’s national human rights organization has raised concerns about the potential impact of artificial intelligence on civil rights, calling for the government to implement assessment procedures before establishing AI policies.
In a press release on Monday, the National Human Rights Commission of Korea (NHRCK) announced that they sent an opinion statement to the Minister of Science and ICT. This statement, which emphasizes the need to implement human rights assessments during the establishment of policies and projects related to artificial intelligence technology, was delivered to the science minister last May. READ MORE
10. Fake apps disguised as government programs being employed to steal personal information
Fake applications posing as government programs on Google Play Store, including one named ‘The Gyeonggi Pass,’ falsely promise to support users’ transportation fees while aiming to steal personal information and money, according to a Gyeonggi official.
Locating the city of Seoul in the heart of the area, Gyeonggi-do is the most populated province in South Korea. Just more than 14 million people reside in Gyeonggi province as of December 2023, according to the official statistics of the province, which excludes 9.3 million citizens of Seoul. READ MORE
11. South Korean police faced over 20,000 hacking attempts in past five years
South Korea’s police agencies have been a continual target of malicious actors, facing more than 20,000 hacking attempts in the past five years.
In a press release on Sunday, South Korean lawmaker Yang Bu-nam disclosed that the national police agency and its affiliated organizations experienced 20,008 hacking attempts from 2019 to 2023. The lawmaker noted that more than 1,600 attempts were made against law enforcement agencies from January to May this year, bringing the total to 21,645 cases. READ MORE