*This is part III to the series on Korea's cybersecurity issues.
We all know that security is a vital investment for survival. In this article, I will cover:
- Issues involving China;
- Issues involving North Korea;
- Their implications;
- Evolution of cyberattacks, and APT;
- Korean government's plans; and
- Reactions to those plans.
For Korea, the biggest concerns are 'Chinese and North Korean hackers'. Some may remember the attack on the U.S. by Chinese hackers who succeeded in gaining access to secret designs and IP of U.S. weapons systems. So, when people say that China is strengthening their defense technology through state-sponsored hacking, I don't think that is a completely unreasonable speculation, especially given that China has also been a source of hacking attacks in South Korea for the past few years (although there is always a possibility that the hackers may not be Chinese - they can use the Chinese networks to hide their locations).
Also, some Koreans have the tendency to assume that "it's either the Chinese or North Koreans" when a hacking attack occurs. This is not unfounded because there has been leaks of personal information involving major corporations such as:
- SK Communications, one of Korea's biggest ISPs;
- Hyundai Capital, one of Korea's major consumer finance companies; and
- Nexon, arguably Korea's biggest gaming company (to name a few).
Also, Korea Internet & Security Agency (KISA) conducted a research that showed:
- 53% of hacking sources originated in China.
Implications regarding China
So what are its implications?
Strategically speaking, China stands as Korea's biggest trading partner and is a host to many manufacturing plants for South Korean companies which means that they can also be the one of the biggest rivals. Stolen data from Korean firms may be exploited for unfair competition.
I recently published an article that got published on e27 (you can read it here) talking about how there has been a simulated cyberattack carried out in an agreement between one of the Korean banks and the Korea Advanced Institute of Science and Technology (KAIST), revealing that the bank’s security protection can be broken into in a couple of weeks.
The Dean of KAIST's Graduate School of Information Security has commented that “cyber defense capability has emerged as vital to national security due to an increasing number of cyber attacks against major infrastructures.”
Implications regarding North Korea
North Korea also poses a serious cyber related challenge to Korea, along with China.
According to the Korea Herald, Kim Heung-kwang, former professor at Pyongyang Computer Technology University and member of the North Korea Intellectuals Solidarity group, said that the North was aggressively pursuing cyber warfare capabilities including attacks on smartphones and other mobile devices, plus hacks into personal computers.
“Pyongyang trains 300 cyber experts every year and some 3,000 hackers are now working for four cyber warfare units,” he said.
Evolution of cyber attacks - existing solutions not powerful enough
Hackers are "sprinting forward" with new technologies. However, Korea has been passive and have been remaining passive in building up its security solutions.
Another person from KAIST, Lee Chae-ho said that:
“malware can be massively spread to all users of websites very quickly, and then hackers could use the infected PCs as zombie computers for Distributed Denial of Service attacks or to steal financial data. The existing defense solutions are not powerful enough to respond to such sophisticated attacks.”
Advanced Persistent Threat - APT.
Hackers now prefer what is called “Advanced Persistent Threat,” or APT, together with DDoS in their assaults.
And Korea remains fully exposed to APT attacks. This is how it works:
- APT allows an unauthorized person to gain access to a network;
- They stay there undetected for a long period of time; and
- Hackers can steal data more effectively.
Robert F. Lentz, former deputy assistant secretary of defense at the International Conference on Information Security said that “nowadays many conglomerates in the world are helplessly attacked by APT. We need a paradigm shift from passive to active defense." Also, Shin Soo-jung, CEO of information security firm Infosec Co, said that “the existing security solutions cannot block APT attacks, so we need a new protection system,” said
Korean government's plans
Amid growing concerns over cyber security, the Korean government announced a comprehensive national cyber security plan at the beginning of this month.
According to the Ministry of Science, ICT and Future Planning, they plan to:
- Double the size of the domestic information security market to 10 trillion won ($8.76 billion) by 2017; and
- Provide systematic training to foster 5,000 cyber security experts.
Also, the Blue House (equivalent to White House; also known as Cheong Wa Dae) will act as a control tower of cyber security and the National Intelligence Service will handle working-level affairs. Korea's financial regulator announced its cybersecurity plan at the beginning of the month, and the Financial Services Commission will require banks to build a two-pronged network system to avert cyber attacks.
Reactions to the plans
Some experts, however, are skeptical of the government plan. Here are some opinions:
- Lim Jong-in, professor of information security at Korea University, said that there is "no detailed action plan [and therefore] it is questionable "whether and how the government will implement the project.”
- Jeon Sang-hun, CTO of Bitscan Inc. said that “separating the network system into two partitions is the very basic for strengthening security". It is obvious how enterprises here have considered cybersecurity as a part of the government’s regulation, but it’s time for them to realize that security is a vital investment for survival.
So: what do you think?