The Memo: 21—27 May 2024

The Memo from 21—27 May 2024: Summary of incidents, ranging from terrorism, covert actions, organised crimes to cybersecurity incident.

The Memo: 21—27 May 2024

In brief:

  • Explosive attacks reveal ongoing security challenges in Thailand's Deep South.
  • North Korea accuses US, South Korea of espionage, warns retaliation.
  • Hacktivists use ransomeware for political disruption amid regional tensions.

Terrorism and insurgency

1. Thailand

In Narathiwat, southern Thailand, two bomb explosions early in the morning resulted in one death and 13 injuries, including a police officer. The first explosion at 7:20 am targeted defence volunteers patrolling in Jok Irong, injuring six who were taken to Jok Irong Hospital. The second explosion occurred at 8:10 am in Kampung Air Jambu, Sukhirin district, injuring seven defence volunteers, with one volunteer later dying in hospital. No group has claimed responsibility for the attacks.

Why it matters: The latest incident underscores the ongoing security challenges in the Deep South, where insurgent activity remains a persistent threat to both local security forces and civilians. These regions have long been plagued by such violence, and the use of double explosions is a calculated tactic frequently employed by insurgents and terrorist groups to maximise chaos and casualties.

2. Bangladesh

On May 20, A group of armed men from the Rohingya Solidarity Organisation (RSO) attempted to abduct three youths from the Kutupalong Rohingya refugee camp in Cox’s Bazar, Bangladesh, intending to conscript them into Myanmar’s junta army. Refugees at the camp intervened and overpowered the RSO members. When police demanded the release of the RSO captives, refugees protested, leading officers to fire pellets, injuring over two dozen refugees, including children.

Why it matters: This marked the first public protest in Bangladesh against the abduction and forced conscription of Rohingya youths. Over the past three months, hundreds of Rohingya men and boys have been abducted from refugee camps in Bangladesh for conscription in Myanmar. Both Myanmar’s military and the rebel Arakan Army (AA) have been forcibly recruiting Rohingya to use as human shields. This situation has heightened the risks faced by the Rohingya community, exacerbating tensions and violence in the region.

Covert Actions

i. North Korea

North Korea accused the United States and South Korea of conducting aerial espionage and warned of immediate action if its sovereignty is violated. Deputy Defence Minister Kim Kang Il stated that from May 13 to 24, the US deployed dozens of military aircraft for espionage. He claimed these activities exceeded wartime levels and blamed them for escalating regional tensions. Kim also criticised South Korean naval forces for intruding across maritime borders under the guise of patrols, warning of serious consequences. Relations between the Koreas are at a low, with Pyongyang labelling Seoul as its "main enemy" amid ongoing joint military exercises with the US.

Why it matters: These allegations come at a time when relations between North and South Korea are already strained, with Pyongyang openly calling Seoul its "main enemy." This rhetoric and actions may heighten the risk of military confrontation. The situation also poses a challenge for international diplomatic efforts aimed at denuclearisation and peace on the Korean Peninsula.

Cybercrime and security breaches

i. The Philippines

Politically motivated hacktivist groups, particularly Ikaruz Red Team, are increasingly using ransomware to disrupt targets and draw attention to their causes, not for profit. Ikaruz Red Team, along with Turk Hack Team and Anka Underground, leverages leaked ransomware builders and has hijacked government branding to carry out these attacks. Since 2023, they have conducted defacements, DDoS, and ransomware attacks.

Why it matters: These actions, part of a broader wave of hacktivist activity in the region, highlight the rising geopolitical tensions and the strategic significance of the Philippines, making it an attractive target for civil disruption. Hacktivist groups like Ikaruz Red Team are using ransomware not just for financial gain but to make political statements and disrupt critical infrastructure, particularly in the Philippines, amid rising regional tensions with China.

ICYMI: Exclusive access to paid subscribers only...

Please feel free to share The Deep Dive with your colleagues. In addition, we would appreciate it if you could consider becoming a paid subscriber with our tiered subscription packages to support our publication. Your support will help us continue providing valuable insights to assist you in making operational decisions.

Subscribe to The Deep Dive

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.