Clik here to view.
SEOUL, KOREA - The cyber space has created a boundless platform for countries and people of different ethnicities and cultures around the world. We are witnessing the emergence of a faster, wider and richer global cyber village. It is our duty to continuously develop this cyber world but still ensuring security of information. To this end, the government has gathered all its resources for this very purpose.
In an active pursuit to establish a national cyber security framework in Korea, the president is currently keeping a tight supervision and pressing ahead towards the creation of an ultimate fortress for the cyber space in the country.
As the secretary-general of the NSC, the National Intelligence Service (NIS) is responsible for all sectors, including governmental bodies and other public and private agencies.
On the other hand, The Korea Computer Emergency Response Team Coordination Center (KrCERT/CC) of the Korea Internet and Security Agency (KISA) delegated by the Ministry of Science, ICT and Future Planning (MSIP) holds the responsibility towards the private sectors including the broadcasting, telecommunications and information communications industries.
Professor Ik-Kyoon Oh together with other professors working on the project and leading the pack has been zealously carrying out the government’s four-part intensive cyber security program. The ideas presented in this article represent a convergence of these experts growing concern and unparalleled specialty on the issue at hand.
Professor Oh is a Senior Researcher at the Cyber Security Research Center at KAIST (Korea Advanced Institute of Science and Technology) and a board member and chairman of the Cyber Security Working Committee of KIGA (Korea Internet Government Alliance). He has been an active auditor and consultant for ISO/IEC 27001 ISMS (Information Security Management System), Government-ISMS, and interested in the national cyber security policies and governance realization.
He worked for the SDN Committee for Academic Internet in 1986, and participated in the commercialization of the DACOM-Internet in 1994.
In 1996, he initiated the set-up of KRNIC KIX as the national internet infrastructure in Korea.
Finally, he was among the privileged participants of the recently concluded “2013 ITU WTPF” (World Telecommunications/ICT Policy Forum) held in Geneva.
Cyber Security Four-Part Strategy
The first part requires the establishment of a “three-tier defense system” that connects the international gateway, internet service providers (ISPs) and end users as well as organizations and other consumers to detect and block cyber attacks in advance. The size and number of D.DOS Cyber Urgent Shelters are also being expanded.
The second part of the program is the augmentation of the government’s secret management system and enhancement of its encryption system for the protection of confidential information and strengthening of security measures for critical social information infrastructure systems such as electronic power stations, gas pipelines, and transportation facilities.
Thirdly, by amending the “National Cyber Security Management Regulation” and promoting the enactment of related laws, the government can constitute a solid legal framework for cyber threats. Moreover, declaring an “Information Protection Day” and a “Clean Internet Campaign” at the national level can raise public awareness and expand the base of cyber security initiatives.
Lastly, with the goal of deterring cyber provocation and strengthening international cooperation, the government in concurrence with other leading countries and international organizations is continuously substantiating its bilateral and multilateral cooperative relations in cyber security areas.
How it all came about?
Since the 1980s, the Korean government has striven to build a knowledge information society under successive slogans such as Korea’s National Information Structure, Electronic Korea, Ubiquitous Korea, and Cyber Korea, and has promoted research and development, and industrialization of information and communication technology through long-term strategic approaches. Furthermore, the central government and local autonomous entities have been providing fully equipped online national administrative information services such as the e-Government initiative.
On January 25th, 2003, a worldwide internet shutdown caused Korea and so many countries to experience utmost inconvenience for hours. This was due to a bug in Microsoft’s database system which allowed the Slammer worm to cause domain name server failures and network outages.
Since Korea was heavily dependent on the internet at the time, the Internet outage had a huge impact on various areas such as national administration, industry, finance, education and healthcare. The Korean Network Citizens grew anxious over the rapid digitalization of the society.
The incident has stirred the Korean government’s recognition of cyber security as an important social infrastructure issue. To enforce nationwide cyber security measures by providing a comprehensive and systematic response, the government established the National Cyber Security Center in February 2004.
A few years later, on July 7th, 2009, Korea’s cyber security was again put to the test as Distributed Denial of Service or D.DOS attacks were launched against major websites and portals of the government, financial and banking systems and online shopping malls. D.DOS attacks are a form of cyber terrorism involving a simple technology with malicious intent. This threat has prompted another trigger point in the development of a much more reliable cyber security system.
Without the highest level of security, these threats could lead the government into a serious state of confusion especially if cyber attacks targeted the supervisory control and data acquisition (SCADA) system used for electric power, atomic energy, aviation, and the railroad and public transportation. The menace of social paralysis and even vitiated national defense could be attributed to an unarmed national social infrastructure.
To prevent such chaos, the Ministry of Defense created the Cyber Command in December of 2009 that gave birth to the Cyber Warfare Command Center that allowed timely and effective response to cyber terrorism and cyber warfare.