[Weekend Briefing] Younger generations in cyber defense

By Dain Oh, The Readable
Dec. 1, 2023 11:10PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.

Hello! This is Dain Oh reporting from South Korea. A drone hacking competition took place today, assembling Korea’s talented youth in the south of Gyeonggi-do to flex their hacking muscles. Kuksung Nam covered the event in person and shares the excitement from the participants’ point-of-view in her article on the event. In addition, a story about a cryptoanalysis contest was included in this briefing. We believe the younger generations in cyber defense should receive more spotlight, so that they can be more motivated in serving the public interest. I have included several more stories that are essential in terms of cyber safety. Enjoy our stories, and we wish you a wonderful weekend!

1. Cyber defenders compete in drone hacking contest

Team Odin won first place in the first drone hacking competition on December 1. Photo by Kuksung Nam, The Readable

As the clock turned its first digit number from one to two, eighteen cyber defenders locked their eyes on their laptop screens to face the six hurdles they must solve to become the winner of the world’s first drone hacking competition.

On December 1, the International Drone Hacking Competition, titled “Hack the DRONE Festival,” held its inaugural event on KyungHee University’s global campus situated in the South Korean city of Yongin. Five groups succeeded in securing their place in the finals after competing against 53 teams from three different countries in the tryouts: South Korea, the United States, and Egypt. The tryouts were conducted online from November 1 to November 17.

The finalists, each named Defenit, Odin, PwnersLab, SaturnX, and SSL, tackled six different challenges within the time limit of four hours. In one of the tasks, named the ‘Rubik’s drone,” the contestants have to manually target the drone in the right direction at the right angle. The information was given only after they succeeded in breaking into QGroundControl, a simulation application widely used to fly drones virtually. READ MORE

2. Young cryptographers solved problems together, winning national award

Won Sang-yun, from left, Choi Jun-hyeok, Joo Hyeon-cheol, and Jang Jung-ho. The four undergraduates at Korea University won first place at the 2023 Cryptoanalysis Contest. Photo provided by each member.

Four undergraduates who study cryptography at Korea University won first place in a national cryptoanalysis contest by deciphering six questions that encompass some of the most critical topics in information technology today, such as artificial intelligence (AI) and post-quantum cryptography (PQC).

The 2023 Cryptoanalysis Contest was held from May until August, hosted by the Military Cryptography Research Center, who reviewed the participants’ intellectual output in September. Participants were asked to address six questions over four months and then present a report on how they analyzed and solved each one.

For example, the first question, which comprised two parts of the challenge, required contestants to conduct an adversarial AI attack against images using perturbation methods and to prove that the attack was successful. Then the participants needed to demonstrate how an adversarial patch attack works when it is used to detect a traffic sign. READ MORE

3. South Korea issues guidelines on secure AI development alongside 17 countries

The South Korean intelligence agency released safety guidelines on artificial intelligence on Tuesday in collaboration with seventeen countries, stressing that cutting-edge AI technology must be developed and implemented with security in mind first and foremost.

On November 28, the National Intelligence Service (NIS) announced the publication of the collaborative work of twenty-three international cybersecurity agencies, called the ‘Guidelines for secure AI system development.’ Spearheaded by the United Kingdom and the United States, the task of drafting the new standards involved, in total, eighteen countries working in collaboration, according to the NIS. These countries include Chile, the Czech Republic, Estonia, Israel, Nigeria, Norway, Singapore, and the member states of the Five Eyes alliance. READ MORE

4. South Korea joins NATO’s Cyber Coalition for the first time

South Korea, in process of expanding its ties with the North Atlantic Treaty Organization (NATO) in the area of cyber defense, announced that it will participate for the first time in one of the world’s largest cyber defense exercises, hosted by NATO.

On November 27, South Korea’s Cyber Operations Command stated in a press release that eleven military officials will take part in the global cyber exercise, called the ‘Cyber Coalition,’ held in Tallinn Estonia until December 1. Three cyber defenders will participate in on-site training exercises consisting of virtual scenarios that simulate cyberattacks against critical infrastructure. They are expected to be joined by eight military officials who will participate remotely. Cyber defenders from thirty-four countries—representing both NATO members and the organization’s allies—will train together over a five-day period to hone their skills in countering cyberattack and increase their resilience in recovery. READ MORE

5. US blacklisted crypto mixer over alleged ties to North Korean hacking group

The United States Treasury Department imposed sanctions on Wednesday on a virtual currency mixer, accusing it of assisting a North Korean hacking group to launder its illicit proceeds.

On November 29, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) stated that the sanctioned mixer, named Sinbad.io, was a “key money laundering tool” for the Lazarus Group. The Lazarus Group, which has also been under U.S. sanctions since 2019, is widely known for carrying out cyberattacks on behalf of the North Korean government, which authorities believe continue to generate funds for its nuclear and missile programs from illicit cyber activities. READ MORE

6. [Perspective] Cyber partnership between UK and Korea is a game changer in intelligence war

South Korean President Yoon Suk-yeol, left, and King Charles III in the United Kingdom on November 21. Photo: South Korean presidential office. Design: Areum Hwang, The Readable

About a week ago, the United Kingdom and South Korea jointly announced that they had entered into the Strategic Cyber Partnership and subsequently issued a collective advisory from both nation’s intelligence agencies regarding supply chain attacks from North Korea. This was the first time that the U.K. government published a security recommendation with a nation outside the Five Eyes alliance.

Joining the Five Eyes, a multinational intelligence alliance comprised of the United States, the U.K., Canada, Australia, and New Zealand—all English-speaking nations—has topped the agenda of South Korean national security officials since it has been recognized, due to real-life examples of incident response, that information sharing has become the key to defending the nation from cyberattack, which is an ever-growing and ever-evolving threat.

For example, the Korean Association of Cybersecurity Studies (KACS), a newly launched academic society that operates under the National Intelligence Service (NIS), hosted professors in international politics on multiple occasions this summer to learn how the Five Eyes operates and to discuss the latest changes in the way they function in order to determine how South Korea might prove valuable to the secret intelligence network. READ MORE

7. OPSWAT: 5 Cybersecurity Threats to Consider in 2024

  • The Rise of Ransomware-as-a-Service (RaaS)
  • AI and Machine Learning in Cyberattacks
  • Vulnerabilities in Supply Chains
  • Targeting Critical Infrastructure
  • Diverse IoT Ecosystem READ THE ORIGINAL REPORT


The cover image of this article was designed by Areum Hwang. This article was copyedited by Arthur Gregory Willers.

Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.