“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.
On Tuesday, South Korean police released unprecedented statistics revealing the financial losses caused by romance scams. Additionally, a company is under scrutiny for allegedly stealing submarine cable technology. Meanwhile, the North Korean hacking group Lazarus reportedly laundered $150,000 through a Cambodian payment company. Experts in diplomacy also discussed South Korea’s role in the Indo-Pacific, with a particular focus on the cyber domain.
In addition, nationwide security experts gathered about two hours from central Seoul to discuss artificial intelligence and its security threats over a three-day conference this week. I attended the entire conference, and you can find the full stories on The Readable early next week.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. Romance scammers swiped over $30 million in first half of the year, South Korean police reveal
Romance scammers who exploited South Korean targets have reportedly swindled over 45 billion won ($32 million) from victims in the first half of this year. This information emerged for the first time as South Korean police started monitoring the impact of these fraudsters this year.
On Tuesday, the Korean National Police Agency (KNPA) disclosed that 628 cases of romance scams were reported to law enforcement officials between February and June. About half of these cases were reported in the past two months. These criminal activities resulted in financial losses totaling 45.4 billion won ($33 million), with nearly 25% of the losses occurring in March.
According to the police, the scammers targeted their victims through fake social media accounts, creating the illusion of a romantic relationship. After earning their victims’ affection and trust, they would request financial support. This often included asking victims to pay customs fees in advance on their behalf. In addition to this, the criminals extorted money by offering fraudulent investment opportunities, asking victims to exchange online points for cash, or by requesting funds for plane tickets and living expenses. READ MORE
2. Police investigate alleged trade secret theft of submarine cable technology
South Korean police are investigating an alleged theft of submarine cable technology involving the country’s two largest cable manufacturers. The situation is expected to escalate, as both companies announced on Monday that they may pursue legal action depending on the outcome of the police investigation.
According to local news outlets, the Gyeonggi Nambu Provincial Police searched the headquarters of Taihan Cable & Solution, the country’s second-largest cable company, on July 11. Authorities seized documents and will investigate whether submarine cable technology from LS Cable & System, the nation’s leading cable maker, was illicitly transferred to Taihan.
Last month, South Korean police revealed they are investigating an architectural firm for allegedly violating the Unfair Competition Prevention and Trade Secret Protection Act. The architectural firm worked with LS Cable & System from 2008 to 2023, during which they designed and oversaw the erection of four submarine cable plants. READ MORE
3. North Korean hackers laundered $150K in crypto through Cambodian payment firm
North Korea-linked hackers transferred $150,000 in cryptocurrency to a Cambodian payment company over an eight-month period to facilitate money laundering, Reuters reported on Tuesday.
The hacking group known as Lazarus transferred cryptocurrency worth $150,000 (approximately 208 million won) to the Cambodian payment platform Huione Pay from an anonymous digital wallet. According to Reuters, Lazarus used the firm to launder the funds over an eight-month period, from June 2023 to February 2024.
Two blockchain analysts who spoke with Reuters stated that the transferred cryptocurrency is theft proceeds stolen by Lazarus from three cryptocurrency companies in June and July of the previous year. The hacking group primarily used phishing attacks to gather the money. READ MORE
4. Expert explores cyber as South Korea’s pathway to becoming a key player in the Indo-Pacific
A South Korean expert highlighted the country’s proactive engagement in the cyber domain, suggesting it could position South Korea as a pivotal player in the Indo-Pacific region.
Jung Sung-chul, an associate professor at the Department of Political Science and Diplomacy at Myongji University, began his speech by discussing the role of nations in the Indo-Pacific region during the 10th Cyber National Strategy Forum held on Wednesday. The forum focused on the one-year cooperation between South Korea, Japan, and the United States following the trilateral summit at Camp David in August of the previous year—known as The Spirit of Camp David. The event was hosted by the Korean Association of Cybersecurity Studies.
Although a nation’s role on the world stage may be self-imposed, the expert emphasized the significance of roles established through relationships with other nations, particularly between powerful countries and smaller ones. Jung mentioned that South Korea is expanding its role following the Camp David summit. Referring to the joint statement, he explained that the U.S. is urging both South Korea and Japan to engage “across domains” and “across the Indo-Pacific and beyond.” READ MORE
5. South Korea-Japan cyber cooperation is key to realizing Camp David agreement, expert says
A year after the Camp David Statement, a national security expert highlighted the importance of South Korea and Japan enhancing their cybersecurity relationship, a state of affairs that could prove pivotal to the long-term success of the historic summit.
On August 18, 2023, United States President Joe Biden, South Korean President Yoon Suk-yeol, and Japanese Premier Fumio Kishida met at Camp David to address North Korea’s illicit cyber activities and discuss the steps that would be necessary to combat them. A year later, on July 17, security experts convened at the 10th annual Cyber National Strategy Forum in Seoul to assess the progress the three nations have made in meeting their stated aims.
Go Myong-hyun, director of the Hybrid Threat Research Center at the Institute for National Security Strategy (INSS), raised concerns about the relationship between South Korea, Japan, and the U.S. Both South Korea and Japan have active cybersecurity partnerships with the U.S., such as the South Korea-U.S. Strategic Cyber Security Cooperation Framework (SCCF) announced in April 2023, and the nine sessions of the Japan-U.S. Cyber Dialogue. However, the relationship between South Korea and Japan regarding the Camp David Statement has been largely nonreciprocating. The director said that improving cybersecurity cooperation is crucial for strengthening the relationship between South Korea and Japan. READ MORE
6. Giant telecom firm AT&T suffers data breach affecting 109 million users
The United States telecommunications giant AT&T, which serves over 114.5 million wireless subscribers, recently experienced a major data breach. Information on 109 million users was illegally downloaded and exposed on a third-party platform.
On July 13, AT&T disclosed on its website that nearly all of its customers’ data had been exposed. According to the company, the stolen data includes records of phone calls and text messages from March to October 2022, and January 2, 2023. The breach also compromised details such as the frequency and duration of calls and texts, as well as the phone numbers that interacted with AT&T customers during those times.
However, AT&T emphasized that the breach did not include personal information such as the content of calls or texts, dates of birth, or Social Security numbers. READ MORE
More stories this week…
7. [Reuters] Russian cybersecurity firm Kaspersky Labs to wind down US operations
8. [CNN] Hacker group claims it leaked internal Disney Slack messages over AI concerns
9. [The Wall Street Journal] Google Near $23 Billion Deal for Cybersecurity Startup Wiz
10. [Bloomberg] ASML-Backed University Caught in Middle of US-China Chips War
11. [The Hacker News] Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
12. [Sophos] Report: The State of Ransomware in Critical Infrastructure 2024
