[Weekend Briefing] South Korea devalues significance of leaked Pentagon documents

By Dain Oh, The Readable
Apr. 14, 2023 7:20PM GMT+9

“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.

Hello! This is Dain Oh in South Korea. It has been a chaotic week with the exposure of classified documents from the Pentagon and the hacking of the South Korean cryptocurrency exchange, which caused around $13 million worth of assets to be drained into an unknown wallet address. The Belfer Center at Harvard Kennedy School held a three-day forum to discuss security, including the North Korean cryptocurrency heists and the alliance between the United States and the Republic of Korea. In addition to these stories, I have included an interview article in this briefing, which gives insights into addressing the cybersecurity talent shortage. Have a great weekend!

1. South Korea devalues significance of leaked Pentagon documents

While the presidential summit with the United States comes in less than two weeks, the South Korean government is trying to deflate the controversies regarding the suspicions of wiretapping by the U.S., which were ignited by the leaked Pentagon documents.

The internal documents, circulated online first through the messaging social platform Discord, revealed that the U.S. Central Intelligence Agency eavesdropped on the presidential office of South Korea by operating signals intelligence (SIGINT), although both nations did not confirm the credibility of those documents as a whole.

A South Korean high-level official said on Thursday that “there is no evidence to confirm that the U.S. wiretapped South Korea, and there have not been malicious activities conducted by the U.S.,” according to South Korean news outlets. The official added that the leaked documents are irrelevant to the current bilateral relationship, considering false information and the time passed.

Meanwhile, the U.S. government announced that they arrested Jack Teixeira, a 21-year-old member of the Massachusetts Air National Guard, as a primary suspect in the exposure of classified military documents online. U.S. Attorney General Merrick Garland said on Thursday that the government is to charge him under a provision of the Espionage Act.

The presidential summit, which is scheduled to take place in the U.S. on April 26, has been attracting immense interest, coinciding with the 70th anniversary of the alliance between the two countries. A South Korean government official told the press on Thursday that the two nations will adopt a new document regarding cybersecurity collaboration at the summit, which includes the extension of information sharing.

2. US, South Korea experts call for practical cooperation to tackle North Korean crypto theft

At the fourth Korean Security Summit, professionals from South Korea and the U.S. are discussing ways to curb North Korea's cryptocurrency thefts. Source: The Readable

As North Korea continues their illicit cyber activities to fund the country’s nuclear missile programs, the leading experts in South Korea and the United States convened on Friday to discuss a practical partnership to hinder the North Korean cyber operations.

“We have to take care of not only the government actors, but also those in the private sector and academia,” said Kim So-jeong, a senior research fellow of the Institute for National Security Strategy and an advisor to the Korea-U.S. cyber security working group, at the panel discussion of the last phase of the fourth Korean Security Summit held by the Harvard Kennedy School Belfer Center’s Korea Project. “Through these cooperations, we can start joint threat assessments and provide evidence-based material for policy makers.”

The Korean Security Summit has been organized by the Korea Project since 2019, bringing together professionals from South Korea and the U.S. to discuss major security issues in the Korean peninsula. This year’s event, which was held for three days, covered some of the most prominent issues in South Korea, such as commemorating 70 years of alliance with the U.S. and addressing North Korean illicit cyber operations. To read the full story, click here.

3. South Korean crypto exchange GDAC hacked, losing $13M

Designed by Areum Hwang, The Readable

A cyberattack hit the South Korean cryptocurrency exchange GDAC on April 9, transferring over $13 million worth of various cryptocurrencies to an unknown wallet address. The stolen assets amounted to 23% of GDAC’s entire custody assets.

Issuing an urgent notice to its customers, GDAC confirmed the hacking attack on April 10. The exchange disclosed that the attack took place at 7 a.m. on Sunday, stealing nearly 61 bitcoins (BTC), 350.50 ethers (ETH), 10 million wemix tokens (WEMIX), and 220,000 tether tokens (USDT).

According to the cryptocurrency intelligence company Arkham, the hacking gang has swapped the unlawfully acquired USDT into ETH and sent 461 ETH to Tornado Cash, a cryptocurrency mixer that the United States has officially prohibited.

GDAC reported the cyberattack to the National Police Agency, the Korea Internet & Security Agency (KISA), and the Korea Financial Intelligence Unit (FIU) for investigation. While pausing transactions of assets and inspecting servers, the exchange promised its customers on Wednesday to make up for all of the damages which were caused by the hacking.

4. Godfather of cybersecurity talent in South Korea: former politician who devoted his life to training white hat hackers

Yoo Joon-sang, the president of the Korea Information Technology Research Institute (KITRI). Photo by Sukwoon Ko, The Readable

Talent shortage has been a deep-seated challenge in every industry, but it gets worse when it comes to information security. It was reported that an additional 3.4 million cybersecurity professionals were needed to protect organizations from threats worldwide, a 26 percent increase in the deficiency compared to the previous year, according to the (ISC)2 Cybersecurity Workforce Study 2022.

The workforce gap in cybersecurity is not just an economic issue, but is currently a national security concern as well. Based on this understanding, the United States government created a multi-agency initiative last year—a plan that established hundreds of apprenticeship programs to close the cybersecurity talent gap. Announcing the initiative, the U.S. Commerce Department stated that there were more than 700,000 unfilled cybersecurity positions in its nation as of last year.

In South Korea, there has been an apprenticeship program for more than a decade. Young people who dream of becoming white hat hackers swarm to this program, which offers world-class, quality training for over nine months without any participation fees. Trainees have the chance to learn from one of the best hackers in the nation while shaping themselves to be the next generation of cybersecurity leaders.

Behind the success of this project is Yoo Joon-sang, an 80-year-old politician-turned educator. Yoo started the cybersecurity talent program “Best of the Best (BoB)” in 2012 and has trained over 1,600 white hat hackers so far. The trainees in the BoB program won the DEF CON Capture the Flag (CTF) three times, (in 2015, 2018, and 2022), proving their capacity through the world-class hacking competitions. To read the full story, click here.

To learn about FPMS, click here. Image: SSNC

The cover image of this article was designed by Sangseon Kim.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.