By Kuksung Nam and Dain Oh, The Readable
Dec. 16, 2022 8:30PM KST
“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.
Hello, this is Kuksung Nam and Dain Oh in South Korea. The Readable has picked five news articles to share with you. Have a great weekend!
1. Action is the key: South Korea and EU combine efforts on cybersecurity
South Korea and the European Union should go beyond words and take strong action as a measure to protect countries from cyber threats, an expert in information technology suggested Wednesday.
“We need action, not just talk. Well done is better than well said,” said Shin Yong-tae, a professor of Computer Science and Engineering at Soongsil University, during his speech at the Hongneung Defense Forum’s special session for South Korea and the EU, which was held on December 14.
The expert’s words come as cybercriminals’ activities are evolving rapidly, making it harder for individuals or companies to prevent them. Shin said that ransomware has occurred every 11 seconds as of this year, compared to 39 seconds last year. On average, three thousand websites are hacked every day. And more than 60% of organizations have experienced at least one form of cyberattack. To read the original reporting, click here.
2. [HDF 2022] South Korea and EU to build safer cyberspace
Leaders and experts from South Korea and European Union convened on Wednesday in an event, hosted by the Korea Institute for Defense Analyses, to discuss ways to strengthen their cooperation in cyberspace. Security was not the first issue that both countries had in mind fifteen years ago. However, as the Ambassador of the European Union to the Republic of Korea stressed in the keynote speech at the Hongneung Defense Forum, cyber has become “very important.” The Ambassador also stated that the forum could be a steppingstone to secure security cooperation between the two parties.
The Readable has highlighted some of the important statements by the presenters and discussants on the cybersecurity landscape and the efforts both parties should take to build a safe cyberspace.
[EU] Maria Castillo Fernandez, the Ambassador of the EU to the Republic of Korea
“Cyber is very important in the Indo-Pacific strategy. There is a lot on cybersecurity, such as cyber resilience and cybercrime. By speaking to an audience in South Korea, I don’t need to explain what the cyber threat is from DPRK. But we have that also from other countries, so it is a global threat. It also happens to European citizens. So, we need to find ways to work together on cyber.” To read the full story, click here.
3. Super app: Security issue that you should care in 2023
Smartphone applications are becoming more convenient for users, providing multiple services from chatting to shopping in a single operation. However, this trend could be putting users’ personal information at high risk, an expert in mobile security said Tuesday.
“If a traditional application was hacked and 10% of the users’ personal data was leaked, a super application could be left with 80% of their users’ private data exploited. There are more security risks regarding super apps,” explained Ko Bongsoo, leader of the Lifecare Planning Team at SK Shieldus, to The Readable.
A super app is an application that provides users with multiple services including messaging, shopping, making reservations, payments, and more. This could be compared with traditional applications which provide one or two specific services to users. According to Gartner’s report, more than 50% of the global population is expected to be using super apps on a daily basis by 2027. To read the original reporting, click here.
4. Financial security researchers dissected Masscan ransomware
The Financial Security Institute of South Korea released a cyber threat intelligence report on Wednesday regarding Masscan ransomware in an effort to prep private organizations against upcoming attacks. In addition to attack timelines, the report describes the tactics, techniques, and procedures, or TTPs, of Masscan ransomware in detail.
Unlike other ransomware, Masscan first encrypts desktop and shared network folders while using different encryption algorithms for database and compressed files, the researchers discovered. Once the encryption process is done, it adds “masscan” to the file extension string.
“The attacker stores extension information, encryption-related key information, and ransom note data in separate files and manages them separately to update ransomware and manage the damaged system,” the report stated. “The decryption tool also stores key information as a separate file. Until now, it has been impossible to recover encrypted files with decryption tools without the key information.” To read the original reporting, click here.
5. Opinion: Era of transformation and zero trust security
The recent Russia-Ukraine war began roughly an hour before the Russian invasion when a malware attacked Viasat, a private American satellite company used by Ukrainian forces, and attempted to disable Ukrainian military communications. The incident has shown that it is important to prepare for cyberattacks as well as for the shells and missiles of physical attacks in times of modern warfare.
Businesses also face new security threats. Digitalization has accelerated in all industries, and boundaries between organizations have disappeared, while attack surfaces for cybercriminals have widened. For example, remote working tools for collaboration and efficiency have exposed a large amount of internal information to malicious outsiders. The Colonial Pipeline ransomware incident, in which the attackers forced the largest oil pipeline operator in the U.S. to shut down for several days, shows that the latest digital technologies have not just contributed to digital transformation, but also increased the possibilities of cyberattacks. To read the full story, click here.
The cover image of this article was designed by Sangseon Kim.
Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.
Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.