Tag Archives: korea

South Korea Elevates Cyber Threat Levels Following Data Center Incident that Triggered Hacking Nightmare

Posted on by
Reply

South Korea’s intelligence agency has elevated the national cyber threat level due to fears that hackers may exploit the chaos caused by recent fires in government data centers, which have disrupted crucial digital infrastructure nationwide.

The National Cybersecurity Centre, managed by the Intelligence Reporting Agency, has raised its alert from “Warning” to “Warning” as of Monday, highlighting fears that hackers could take advantage of the vulnerabilities during recovery efforts.

The incident occurred on Friday evening at the National Information Resources Service in Great Jeon, approximately 140 kilometers (87 miles) south of Seoul. This facility is one of three operational government data centers that handle critical digital infrastructure across the nation.

Workers had relocated a Lithium-ion battery from the server room on the fifth floor to the basement when the fire started. It spread to other nearby batteries and servers, resulting in one worker sustaining first-degree burns, while firefighters managed to extinguish the blaze after 22 hours.


By Saturday morning, officials had shut down 647 government systems to prevent further damage. Government email and intranet systems were offline, along with mobile identification services, postal banks, complaint portals, and major government websites.

Schools lost access to student records, and tax deadlines passed without being processed. Real estate transactions faced delays due to the inability to verify digital documents. The national crematorium reservation system was impacted, and many hospitals and transport terminals initially left citizens without physical identification cards.

As of 1 PM on Tuesday, 89 out of the 647 affected systems had been restored, including significant government portals, postal services, and identity verification systems.

Officials estimate that 96 of the affected systems have suffered complete failure, necessitating a recovery period of about four weeks as they are moved to a large backup facility. This disruption is expected to persist through Chuseok, the major public holiday in early October.

President Lee Jae Myung issued an apology on Sunday. During a crisis meeting, he expressed dismay at the lack of a backup operating system, stating, “It was a foreseeable incident, but there were no countermeasures. It’s not that the measures didn’t work; they simply didn’t exist.”

When questioned about the backup procedures, an official remarked that they were “driving without a map.”

The upcoming Asia-Pacific Economic Cooperation (APEC) Summit, set to be hosted in the southeastern city of Kyoto at the end of October, has raised security concerns as officials from the US, China, and other regions plan to attend.

In October 2022, a fire involving a lithium-ion battery at Kakao, the company behind the popular messaging app KakaoTalk, resulted in millions losing access to messaging, taxis, and digital payments, leading to national chaos.

Following the Kakao incident, parliament passed legislation mandating redundant systems and intervals between batteries and other equipment for internet service providers and data center operators.

The left-leaning Hankyoreh newspaper questioned what last week’s failures indicated about “a nation that prides itself on being an information technology powerhouse.”

In a similar vein, the conservative Dong-a Ilbo remarked that referring to South Korea as a digital leader has become “embarrassing.”

Lawmakers from both the ruling party and the opposition have traded blame regarding the responsibility for the crisis. President’s Chief of Staff Kang Hoon-Sik directed authorities on Monday to focus on resolving the issue rather than criticizing the previous administration.

Source: www.theguardian.com

Korea Delays Again in Making Google Maps Fully Functional

Posted on by
Reply

for tourists exploring Korea, a nation renowned for its technological advancements, navigating through the heart of its cities can be unexpectedly frustrating due to the ineffectiveness of Google Maps.

This may change soon, as South Korean authorities will deliberate on whether to permit the export of Google’s intricate mapping data to foreign servers. However, the decision has already been postponed for the second time this year on Friday to allow more time for security concerns to be addressed.

Such a decision would unlock features that enable the app to offer detailed guidance and show users optimal routes for their journeys.

This ongoing discussion has spanned nearly two decades, evolving into a broader examination of how democracy can strike a balance between digital sovereignty and economic openness. Local industry advocates have raised alarms about market control by foreign firms, while supporters of Google’s request argue that restrictions may hinder tourism and innovation.


South Korea is among a select few countries, including China and North Korea, where Google Maps is not functioning optimally.

While Google dominates online services globally, the digital landscape in Korea is primarily managed by local “portal” firms, Naver and Kakao.

These platforms offer wide-ranging services such as search engines, email, news, messaging, music, and maps, creating a robust ecosystem that has effectively resisted foreign technological dominance. Local companies supply accurate public mapping information but are obligated by law to store it on domestic servers.

Google does license similar data from local providers, but it is limited to displaying information like landmarks and local businesses, without the capability to give navigational instructions.

Security concerns and local opposition

Google asserts that it needs to distribute and process data through its global server network to provide real-time navigation services to billions of users worldwide, including those exploring Korean destinations from abroad.

The government has persistently refused to overlook national security risks.

Nonetheless, Google counters that the mapping data it seeks has already undergone security evaluations and that sensitive location details have been omitted. Furthermore, the same data is utilized by domestic competitors. Google has stated it would obscure satellite imagery of any sensitive sites should authorities require it.




Critics assert that granting Google’s request could create precedents for other foreign companies. Photo: Andrew Merry/Getty Images

There is significant resistance to Google’s requests. The Korean Association of Spatial Information, Research and Mapping (KASM), representing 2,600 local businesses, reported that 90% of the 239 member companies surveyed opposed it, fearing market domination by U.S. tech giants.

“The government must heed industry concerns,” cautions KASM Chairman Kim Seok-Jong, warning of potential “industrial decimation.”

Critics also caution that acquiescing to the request could set dangerous precedents for other foreign firms, especially those from China. Local reports indicate that Apple has similarly sought authorization.

The government argues that if Google establishes a local data center, like its domestic rivals, it can access detailed mapping data, which does not resolve the issue of processing this data on Google’s global servers.

In 2022, vulnerabilities related to such approaches were highlighted when one of Kakao’s data centers was set on fire, leaving messaging, mapping, and ride services inaccessible to millions.

The impact of tourism

Data from the Korean Tourism Organization reveals that complaints surged by 71% last year, with Google Maps accounting for 30% of all app-related grievances.

Francesco, an Italian tourist, remarked that he was “shocked” to discover that Google Maps was ineffective upon his arrival in Seoul for a week-long visit.

“It’s quite frustrating. I’ll look for restaurants reviewed on Google, only to have to switch to Naver Maps for walking directions,” he shared.

“I heard it’s a security issue,” said Reus, a French traveler. “But I sense it’s more about protecting local businesses.”

The restrictions have drawn criticism from tourism startups and tech advocates who assert that they will struggle to develop competitive services globally and hinder growth without access to standardized international mapping tools.

Previous governmental reviews in 2007 and 2016 both declined Google’s requests.

Currently, the interagency committee, which includes representatives from the Defense and Intelligence Reports, has extended the deadline twice, from May to August and once more to October, emphasizing the need for in-depth discussions with security agencies and industry stakeholders.

This matter has surfaced amid broader U.S.-Korea trade tensions, with the U.S. Trade Bureau identifying South Korea’s mapping constraints as a “non-tariff trade barrier.”

South Korea recently wrapped up trade negotiations to secure a 15% tariff, avoiding the original 25% threat. President Lee Jae Myung is set to meet with President Donald Trump at the White House in the upcoming days or weeks.

South Korea’s Ministry of Transport could not be reached for comment prior to the decision.

Google claims its map software assists individuals to “navigate and explore with confidence using fresh information about locations, roads, and traffic,” and that it “works closely with local governments to aid residents and visitors.”

Source: www.theguardian.com

Microsoft raises concerns about China’s potential disruption of US, South Korea, and India elections using AI technology

Posted on by
Reply

Following a dry run of Taiwan’s presidential election this year, China is anticipated to disrupt elections in the United States, South Korea, and India with artificial intelligence-generated content, as warned by Microsoft.

The tech giant predicts that Chinese state-backed cyber groups will target high-profile elections in 2024, with North Korea also getting involved, according to a report released by the company’s threat intelligence team.

“As voters in India, South Korea, and the United States participate in elections, Chinese cyber and influence actors, along with North Korean cyber attack groups, are expected to influence these elections,” Microsoft mentioned.



Microsoft stated that China will create and distribute AI-generated content through social media to benefit positions in high-profile elections.

Although the immediate impact of AI-generated content seems low in swaying audiences, China is increasingly experimenting with enhancing memes, videos, and audio, potentially being effective in the future.

During Taiwan’s presidential election in January, China attempted an AI-powered disinformation campaign for the first time to influence a foreign election, Microsoft reported.

The Beijing-backed group Storm 1376, also known as Spamoflage or Dragonbridge, heavily influenced Taiwan’s elections with AI-generated content spreading false information about candidates.

Chinese groups are also engaged in influencing operations in the United States, with Chinese government-backed actors using social media to probe divisive issues among American voters.

In a blog post, Microsoft stated, “This may be to collect intelligence and obtain accurate information on key voting demographics ahead of the US presidential election.”

The report coincides with a White House board’s announcement of a Chinese cyber operator infiltrating US officials’ email accounts due to errors made by Microsoft, as well as accusations of Chinese-backed hackers conducting cyberattacks targeting various entities in the US and UK.

Source: www.theguardian.com

North Korea and Iran have been found using AI for hacking, Microsoft reveals

Posted on by
Reply

Microsoft announced on Wednesday that adversaries of the United States, primarily Iran and North Korea, and to a lesser extent Russia and China, are starting to take advantage of generative artificial intelligence to launch or coordinate offensive cyber operations.

Microsoft disclosed that it collaborated with business partner OpenAI to identify and prevent numerous threats exploiting the AI technology it developed.

In a blog post, the company stated that these techniques are still in their early stages and are not particularly novel or unique, but they do broaden the capabilities of U.S. rivals to use large-scale language models to infiltrate networks and exert influence, emphasizing the importance of publicly exposing this.

Cybersecurity companies have been using machine learning to detect anomalous behavior within networks for years, but the introduction of OpenAI’s ChatGPT-led large-scale language model has intensified the cat-and-mouse game, as both criminals and aggressive hackers are leveraging it.

Microsoft’s investment in OpenAI is substantial, and the company noted in its announcement on Wednesday that generative AI is anticipated to power malicious social engineering and lead to the development of more advanced deepfakes and voice clones, at a time when disinformation is on the rise and threats to democracy are rampant, with more than 50 countries holding elections in a year.

Microsoft provided examples of how adversaries were using large-scale language models, including the disabling of AI accounts and assets for specific groups.

The North Korean cyber-espionage group known as Kimsky used the model to study foreign think tanks and generate content for spear-phishing hacking campaigns.

The Iranian Revolutionary Guards Corps utilized large-scale language models for social engineering, troubleshooting software issues, and researching ways to bypass detection on compromised networks, using phishing emails and accelerated email creation.

The Russian military intelligence unit, Fancy Bear, employed the model to study satellite and radar technology potentially linked to the Ukraine war.

China’s cyber-espionage group known as Aquatic Panda targeted various industries, higher education, and governments from France to Malaysia, with limited exploration of how large-scale language models can enhance technical operations, and another Chinese group, Maverick Panda, interacted with the model to gather information on high-profile individuals and regions.

On another blog, OpenAI announced that its current GPT-4 model chatbots are “limited to malicious cybersecurity tasks beyond what is already achievable with publicly available non-AI-powered tools,” a situation that cybersecurity researchers aim to change.

Jen Easterly, head of the U.S. Cybersecurity and Infrastructure Security Agency, informed Congress of the growing threat from China and the potential impact of artificial intelligence, stressing the need to develop AI with security in mind.

Amidst concerns about the irresponsible release of large language models, Microsoft and other companies are facing criticism for not taking focused action to address vulnerabilities, which has disappointed some cybersecurity experts who advocate for creating more secure underlying models to counter potential misuse.

Edward Amoroso, a professor at New York University and former AT&T chief security officer, emphasized the increasingly powerful role of AI and large-scale language models as potential weapons in cyber warfare, stating that they ultimately pose a threat to every nation-state.

Source: www.theguardian.com