[Weekend Briefing] Threats, old and new

By Dain Oh, The Readable
Mar. 1, 2024 10:35PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.

“As risky as the Internet is, companies have no choice but to be there. The lures of new markets, new customers, new revenue sources, and new business models are just so great that companies have flocked to the Internet regardless of the risks. There is no alternative. Governments feel the same sorts of pressures: better ways of interacting with citizens, more efficient ways of disseminating information, greater involvement of citizens in government. The Internet is here to stay, and we’re going to be using it for more and more things regardless of the risks. This, more than anything else, is why computer security is so important.” — Testimony of Bruce Schneier on an “Overview of the Cyber Problem: A Nation Dependent and Dealing with Risk” at the United States House Hearing on June 25, 2003

A testimony made by a security expert two decades ago is strikingly compelling now. Over the last 20 years, cyberattacks have exacerbated as the expert said “[vulnerabilities] are getting worse faster than we are improving.” This week’s briefing includes some of the persisting threats, emerging risks, and developments in the cybersecurity realm.

This is Dain Oh reporting from South Korea, and here is your weekend briefing.

1. The I-Soon data leak, Chinese APTs, and implications for Southeast Asia

Designed by Areum Hwang, The Readable

On February 16, an unidentified individual uploaded data onto GitHub—a platform favored by software engineers—claiming that I-Soon, also known as Anxun in Mandarin, a Chinese IT security services firm, operates as an independent hacking contractor. The firm was accused of developing malicious software and conducting cyber espionage activities on behalf of the Chinese government.

Wu Haibo, the CEO of I-Soon and a renowned hacker recognized by the alias “Shutd0wn,” was previously a member of the “Green Army,” the first hacktivist group in China, established in 1997. Founded in Shanghai in 2010, I-Soon has since broadened its reach, establishing several subsidiaries throughout China. According to the Associated Press, conversations with two I-Soon employees revealed that Chinese officials are investigating the origins of the leaked files. Although the source of the leaks remains unknown, numerous cybersecurity experts deem the disclosed information to be credible.

Taiwanese security analyst @azakasekai_ first brought the I-Soon data leak to public attention and uncovered lists of victims that detail the scope of the data theft. The alleged victims span a range of sectors including government, telecommunications, healthcare, aviation, and academia across various countries. These countries include Afghanistan, Cambodia, Hong Kong, India, Indonesia, Kazakhstan, Kyrgyzstan, Malaysia, Mongolia, Myanmar, Nepal, Pakistan, Philippines, South Korea, Thailand, Turkey, Vietnam, Egypt, Nigeria, Rwanda, France, among others. READ MORE

2. South Korean police launch investigation into fabricated video of President Yoon Suk-yeol

Designed by Areum Hwang, The Readable

The South Korean police announced on Monday their pursuit of an individual suspected of producing a manipulative video featuring the country’s President, Yoon Suk-yeol.

During a press briefing, Cho Ji-ho, the commissioner of the Seoul Metropolitan Police, revealed that authorities have identified the username of the individual alleged to have uploaded the fabricated video. The police are actively investigating to uncover the suspect’s identity, delving into the nature of the criminal activities and the motives behind them. Further details were not disclosed by the Seoul Metropolitan Police, but officials confirmed to The Readable that a legal complaint had been lodged against the suspect for breaching the country’s defamation law.

Prior to the announcement, on February 21, the police had approached the Korea Communications Standards Commission (KCSC) to request the removal of the counterfeit videos. The KCSC swiftly convened an urgent meeting on February 23 and resolved to restrict access to 22 instances of fabricated content. According to their statement, only one video was labeled as “fictional” in its title, while the remaining 21 were misleadingly titled “A conscious confession speech of President Yoon Suk-yeol,” potentially leading viewers to mistake them for authentic statements. READ MORE

3. Shin Yong-seok appointed as new presidential secretary for cybersecurity

Shin Yong-seok, Secretary to the President for Cybersecurity. Photo provided by Toss. Image designed by Daeun Lee, The Readable

Shin Yong-seok, previously the Chief Privacy Officer at Viva Republica, was appointed as the Secretary to the President for Cybersecurity on February 26. Marking a significant departure from tradition, Shin’s appointment represents the first instance of a private sector professional being selected for this role. Since its establishment in March 2015, the position has been filled predominantly by experts from the military or the National Intelligence Service.

The Presidential Secretary for Cybersecurity is charged with formulating policies and strategies for national security as well as coordinating and managing current cybersecurity issues. Shin will report to the third deputy director of national security, a position recently created to oversee the nation’s economic security, science and technology, and cybersecurity efforts. Prior to the establishment of this role in January of this year, the cybersecurity secretary functioned under the auspices of the second deputy director of the national security office. READ MORE

Designed by Areum Hwang, The Readable

The legal dispute between the creators of ChatGPT, OpenAI, and The New York Times has escalated. OpenAI has asked a court to dismiss portions of a lawsuit filed by the news organization, which accuses the company of copyright infringement.

On February 26, OpenAI filed a motion in the United States District Court for the Southern District of New York, alleging that the news company had “paid someone to hack” its products. This claim was made to bolster OpenAI’s argument that the accusation of training its chatbot, ChatGPT, with unauthorized news articles by the news company lacks merit.

In December of last year, The New York Times took legal action against OpenAI and Microsoft, contending that these tech giants have created generative artificial intelligence tools by utilizing millions of news articles without authorization. To support their claims, the news organization pointed out that when prompted, the latest ChatGPT model produces responses that closely mirror, often almost verbatim, substantial segments of the company’s articles. READ MORE

5. South Korea cooperates with five Southeast Asian countries to counter drug crime

Designed by Daeun Lee, The Readable

South Korea’s intelligence agency has partnered with five Southeast Asian countries to tackle drug-related crime.

On February 27, the National Intelligence Service (NIS) announced the formation of the “Intelligence Coalition of Asia for Counter-Narcotics.” This new alliance includes intelligence and investigative agencies from the Philippines, Cambodia, Laos, Vietnam, and Thailand. The collaboration was officially established during an inaugural meeting in Seoul. However, the NIS did not specify the names of the participating organizations from the five countries.

The NIS explained that, in the course of the meeting, the six countries examined the growing presence of large-scale drug cartels within their borders and the challenges posed by drug trafficking in cyberspace. To combat these issues, the members agreed to enhance multilateral cooperation through the sharing of information in real-time and the execution of joint operations against transnational drug crimes. Additionally, they committed to developing and implementing a range of cooperative programs among the participating nations. READ MORE

6. South Korea to formalize division within intellectual property agency dedicated to combating technology leaks

Designed by Areum Hwang, The Readable

South Korea is advancing its efforts to safeguard critical national technologies. Three years after its creation, the division within the intellectual property agency dedicated to combating technology theft has been elevated to a regulatory division.

In a Tuesday announcement, the Korean Intellectual Property Office revealed that the Technology & Design Special Judicial Police, operating under the Intellectual Property Protection & International Cooperation Bureau, has been officially designated as a regulatory division. This development follows approval from the Ministry of Interior and Safety. READ MORE

7. [AFP] Hackers stole 'sensitive' data from Taiwan telecom giant: ministry

8. [Reuters] Bag with Paris 2024 data lost, possibly stolen, prosecutor says


The cover image of this article was designed by Areum Hwang.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.