SEOUL – Pro-Russia hacking groups have conducted cyberattacks against South Korea after North Korea dispatched troops to Russia to support its war against Ukraine, Seoul’s presidential office said on Friday.

The office held an emergency intra-agency meeting after detecting denial-of-service attacks on some government and private websites in recent days.

Some of the websites experienced temporary outages but there was no serious damage, it said, adding that the government will strengthen its ability to respond to such attacks.

“Cyber ​​attacks by pro-Russian hacktivist groups on our country have occurred intermittently in the past, but have become more frequent since North Korea dispatched troops to Russia and participated in the Ukraine war,” the office said in a statement.

Seoul and Washington have said there are more than 10,000 North Korean soldiers in Russia, and U.S. officials and Ukraine’s defence minister said some of them have engaged in combat in Kursk, near the Ukraine border.

The new military cooperation between Pyongyang and Moscow has been condemned by South Korea, the United States and Western allies. Ukrainian President Volodymyr Zelenskiy said on Tuesday that the first battles between his country’s military and North Korean troops “open a new page in instability in the world.” REUTERS

NEW YORK – T-Mobile’s network was among the systems hacked in a damaging Chinese cyber-espionage operation that gained entry into multiple US and international telecommunications companies, The Wall Street Journal reported on Nov 15, citing people familiar with the matter.

Hackers linked to a Chinese intelligence agency were able to breach T-Mobile as part of a months-long campaign to spy on the cellphone communications of high-value intelligence targets, the Journal added, without saying when the attack took place.

“T-Mobile is closely monitoring this industry-wide attack,” a company spokesperson told Reuters in an email.

“At this time, T-Mobile systems and data have not been impacted in any significant way, and we have no evidence of impacts to customer information.”

It was unclear what information, if any, was taken about T-Mobile customers’ calls and communications records, according to the WSJ report.

On Nov 13, The Federal Bureau of Investigation (FBI) and the US cyber watchdog agency Cisasaid China-linked hackers have intercepted surveillance data intended for American law enforcement agencies after breaking into an unspecified number of telecom companies.

Earlier in October, the Journal reported that Chinese hackers accessed the networks of US broadband providers, including Verizon Communications, AT&T and Lumen Technologies, and obtained information from systems the federal government uses for court-authorized wiretapping.

Beijing has previously denied claims by the US government and others that it has used hackers to break into foreign computer systems. REUTERS

WASHINGTON – Chinese state-affiliated hackers intercepted audio from the phone calls of US political figures including an unnamed campaign adviser of Republican presidential candidate Donald Trump, the Washington Post reported on Oct 27.

The FBI and the US Cybersecurity and Infrastructure Security Agency said on Oct 25 they were investigating unauthorised access to commercial telecommunications infrastructure by people associated with China.

Trump’s campaign and the FBI did not immediately respond to a request for comment.

The Post also reported the hackers were able to access unencrypted communications like text messages, of the individual.

Reuters reported on Oct 25 that Chinese hackers also targeted phones used by people affiliated with the campaign of Democratic presidential candidate Kamala Harris.

Trump and his running mate, J.D. Vance, were targeted, various media outlets reported last week.

The Trump campaign was made aware last week that Trump and Mr Vance were among a number of people inside and outside of government whose phone numbers were targeted through the infiltration of Verizon phone systems, the New York Times reported on Oct 25.

The Trump campaign was hacked earlier in 2024. The US Justice Department charged three members of Iran’s Revolutionary Guard Corps with the hack, accusing them of trying to disrupt the Nov 5 election.

Verizon said on Oct 25 it was aware of a sophisticated attempt to target US telecoms and gather intelligence and is working with law enforcement.

Congress is also investigating and earlier this month U.S. lawmakers asked AT&T, Verizon and Lumen Technologies to answer questions about reports Chinese hackers accessed the networks of U.S. broadband providers.

The Chinese embassy in Washington said last week it was unaware of the specific situation but said China opposes and combats cyber attacks and cyber thefts in all forms. REUTERS

SINGAPORE– The Cyber Security Agency (CSA) is starting a study aimed at raising the productivity and professionalism of cyber-security workers.

It may result in an outline of the competencies required of chief information security officers – known by the acronym Cisos – and their teams of security executives who are in high demand, given their key role amid surging cyber attacks.

Ms Veronica Tan, CSA’s director at safer cyberspace division, told The Straits Times: “For organisations, clarity in standards and desired skills at various roles will mean greater improvements in workforce competency and productivity.”

The study will involve industry players, training institutions and certification bodies, she added.

CSA’s plan comes as companies warm to the idea of designated cyber-security personnel, but sometimes find themselves hindered by limited budgets and a shortage of skilled talent.

Mr Nyan Yun Zaw, the first Ciso at Singapore cyber security advisory firm Athena Dynamics, said: “The industry turnover rate for Cisos is unfortunately pretty high because it is a highly challenging and stressful job.

“When the organisation faces a security incident, this is the first person everyone looks to.”

Chief information security officer, a title that arose up in the 1990s after Citibank appointed one following a cyber attack, have risen in prominence in recent years as some countries made mandatory disclosures of material cyber breaches or attacks.

There have also been high-profile cases of criminal charges taken against such officers, such as at Uber and SolarWinds.

Mr Zaw took on the job at Athena Dynamics just over a year ago when his company expanded it beyond IT infrastructure and support.

His background was a string of roles ranging from engineering, cyber security, programming, to business development and sales in the firm since its set-up in 2014.

He added to his expertise by becoming a Certified Information Systems Security Professional, a label granted by the International Information System Security Certification Consortium, also known as ISC2.

He said: “We felt that there is a need to have a dedicated Ciso since we are also part of a listed company.”

Cisos spend their time securing their companies’ assets, learning new threats and technologies, and working with cross-functional teams, he said.

He added: “Ciso is a management position, so it is important for a Ciso to be knowledgeable in various aspects of cyber ranging from governance, risk and compliance to network security architectures.”

In the 12 months leading up to September, job portal Indeed recorded 48 per cent of its postings in Singapore seeking communication skills in cyber security leaders, compared to 38 per cent specifying expertise in IT, and 16 per cent in information security.

Around the same time, the number of postings for such roles on its portal dropped 36 per cent, suggesting that firms might be filling positions through internal promotions or team restructuring, said Mr Saumitra Chand, Indeed’s career expert.

“This decline may be due to the demanding nature of leadership positions like Cisos, which require high levels of expertise and specialisation,” he said.

To help small and medium-sized enterprises (SMEs) or non-profit organisations that cannot afford designated security personnel, CSA launched its CISO-as-a-Service (CISOaaS) scheme in February 2023.

It has received about 200 applications so far.

Organisations tapping the scheme can use CSA’s panel of 19 vendors to audit their cyber health and guide them to attain CSA’s Cyber Essentials and Cyber Trust marks, with up to 70 per cent subsidies.

CSA is planning updates to the two marks to reflect new risks in cloud, operational technology and Artificial Intelligence (AI), said Ms Tan.

Digital agency Digipixel, which has used CISOaaS, said achieving both trust marks helped it gain trust from customers.

Its director, Mr Leon Tan, said: “Pooled services can sometimes lack industry-specific context, but our collaboration with CSA has been a productive exchange.”

Mr Dave Gurbani, chief executive at CyberSafe, an appointed vendor, said: “We start by conducting a cyber-security health plan, like a doctor’s check-up.”

The firm then helps its mostly SME clients work through their internal controls, configurations, policies, and training to pass the audits for CSA’s marks.

“Many SMEs still think of cyber security in terms of anti-virus tools or maybe a firewall. To put it simply, that’s like thinking you’re ready for the day just because you have your socks and shoes on,” Mr Gurbani said.

Gaps that frequently show up include outdated systems, misconfigurations from third-party vendors, and weak access controls like shared passwords and lack of Multi-Factor Authentication.

“Without guidance, these vulnerabilities can be hard to recognise and fix,” Mr Gurbani added.

Another vendor, Momentum Z, takes firms calling on the CISOaaS service through a three-pronged assessment of employees’ cyber-security basics, company’s processes and policies, and cyber-security infrastructure such as firewall, antivirus, back-up data use and endpoint security.

Chief executive Shane Chiang said he has had clients that have not changed passwords for six years, or who had been granting external vendors remote access to their network with no inkling.

He said: “’Clients are often surprised to learn the vulnerabilities in their systems, which reinforces the importance of having a Ciso to bring structure and foresight into cyber security.”

CSA’s 2023 cyber security health survey released in March noted that only one in three organisations have fully implemented at least three of CSA’s five categories of recommended measures.

More organisations need help with knowing what data they have, where the data is stored and how to secure the data, CSA’s Ms Tan said. Businesses are also weak at safeguarding their systems and networks against malicious software, as well as guarding access to data and services.

She urged more organisations to tap CSA’s tools to up their game, adding: “Unless all essential measures are adopted, organisations are still exposed to unnecessary cyber risks, especially as they accelerate digitalisation and adopt fast-evolving technologies such as AI.

“Partial adoption of measures is inadequate.”