“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello! This is Kuksung Nam and Dain Oh in South Korea. The Readable has picked four news stories for this weekend, which include an interview article and a forecast report that you do not want to miss. We will take a winter break for next week’s briefing, but we will still be publishing news articles that have been prepared in advance. Have a great weekend!
1. Outsider’s eye: Real questions to ask to protect South Koreans online
South Korea was definitely not on the top of the priority list when a German based cybersecurity researcher first started his career back in 2003 as a software developer. Although he had encountered the country’s unique approach to online security from a German-born Korean friend in the early days of his career, his interest did not go beyond the online community where people occasionally had discussions about South Korea, the “last Internet Explorer stronghold” in the world.
But nearly twenty years later, just a few months after Microsoft officially shut down Internet Explorer, Wladimir Palant has come into the spotlight among none other than South Koreans. His series of publications, concerning South Korea’s online security applications, received an enormous amount of attention not just from cybersecurity experts but also from local media outlets who delivered the stories to ordinary South Koreans who have little to no background knowledge of online security.
The Readable reached out to Palant through his blog posts and conducted written interviews with him twice from January 11 to 20 to learn more about the story behind his disclosure. To read the full story, click here.
2. Chinese hackers deface a dozen South Korean websites
A Chinese hacking group, which calls itself “Xiaoqiying,” has attacked 12 South Korean institutions, making their websites inaccessible and covered with a warning that says “we declare the invasion to South Korean internet.” The websites have not been fully recovered so far.
It is referred to as a website defacement attack, which is when a hacker modifies content on a website without its operator’s permission. It typically happens when a hacker intends to show off his or her skill or to deliver a political message to targets.
Although it does not take a high level of knowledge about hacking to carry out website defacement attacks, South Korean government officials started security inspections and investigations in response to the hackers’ declaration of war on the nation’s public organizations.
On its Telegram channel, Xiaoqiying announced that its next target was the Korea Internet & Security Agency (KISA). In addition, the group claimed that they succeeded in hacking more than a dozen South Korean websites, which is the number publicly disclosed by the South Korean government.
According to the cybersecurity firm S2W, Xiaoqiying opened its Telegram channel at the end of last year and recruited its team members on January 3. On January 21, the group joined the underground forum Breached, which is where black hat hackers gather and share illicit information for financial objectives.
3. Hackers linked to North Korean government stole $100 million crypto, FBI says
The Federal Bureau of Investigation said on Monday that it had conclusively tied a North Korean hacking group to a major cryptocurrency heist of the U.S. cryptocurrency company Harmony.
The Lazarus group, which authorities believe works on the behalf of the North Korean government, was specifically named to be responsible for the theft of $100 million in digital assets from Harmony’s Horizon Bridge in June of last year. Horizon Bridge is a service which allows users to transfer their assets to other blockchains.
Researchers had allegedly suspected hackers linked to the North Korean government to be behind the crypto heist. The FBI said in a statement that North Korean hacking groups steal and launder crypto assets to support the county’s ballistic missile and weapons of mass destruction programs.
4. [2023 Security Outlook] 10 Keywords that will dominate threat landscape
As a global news outlet which specializes in cybersecurity, The Readable has reviewed dozens of forecast reports published by diverse organizations regarding the threat landscape this year. Out of various topics that were covered in those reports, The Readable has extracted 10 keywords that are most frequently mentioned and expected to dominate the field of information security in the upcoming months.
For each keyword, we have provided the definition, along with the sources that emphasized the significance of the subject. In addition, the reporters and researchers at The Readable, based on their expertise, have individually picked two keywords that are considered to be some of the most menacing threats in 2023 and elaborated the reasons for their choices. At the bottom of this report, there are links to the original reports for readers who may need additional research. To read the full report, click here.