The Information Professional Association of Korea (IPAK) held a breakfast seminar on April 18th at the JW Marriot Hotel in Seoul. Joo, Dae Joon, vice president of Korea Advanced Institute of Science and Technology (KAIST) and director of National Security and Cyber Terror in KAIST spoke on the issue of ‘National Security and Cyber Terror’.
Professor Joo said “as Korea has higher rates of PC and the Internet usage, the country is highly vulnerable to cyber terrorism. However, not many – both public and private sectors - seem to be aware of cyber security yet. In April 2011, banking operations at Nonghyup were halted by cyber intrusion, leaving millions of customers unable to access their money for several days. It began as the outsourcing worker’s laptop was infected with malicious software and programmed to start the attack automatically. Nonghyup was not aware of the incident ever after their PCs were infected due to lack of cyber security awareness.”
He continued that “cyber crime is not an issue only in Korea.” In Eastern Europe, Estonia emerged as the most advanced e-societies since its independence in 1991. As online services have become routine: e-police, e-banking, e-taxes, and e-elections, the country is now described as e-Estonia. “In 2007, following the removal of a war memorial from downtown Tallinn, the country was subjected to a mass cyber-attack. Nearly all government ministry networks and two major bank networks were knocked offline. This led to a three week period of no internet in Estonia.”
Internet has moved from wired to wireless today, and is now moving toward an Internet of things: objects are embedded with sensors and gaining the ability to communicate. By 2020, we may see 100 billion devices connected to the Internet, and it will be more difficult to detect cyber crimes. The increased use of cloud computing will also make users uncertain of where the information is stored. Against this backdrop, he emphasized that “all the IT specialists gathered here should work together to handle cyber crime.”
The public is well aware of the seriousness of visible damages - physical terrorism and natural disasters. “Most Koreans remember the damages of typhoon Maemi. But not many seem to know the gravity of cyber attacks. The cost of damages from typhoon Maemi was around 3.5 trillion won (USD 3 billion). However, “Slammer” worm – an internet worm caused many home and business computers to temporarily lose their internet service of Korea in 2003 – cost nearly 7 trillion won (USD 6.1 billion).”
He stressed that laws, institutions and education for cyber crime should be dealt with at the national level. “We have the National Police Agency for physical terrorism but there is no government agency responsible for cyber security. Instead of expanding the role of the existing investigative agency, a new organization should be established to respond to the crime. Even the presidential residence should be able to see cyber issues and control them. The control tower should be created before the incident arises.” He added that promoting international cooperation is also necessary and urgent. As there is Interpol dealing with physical crime, a similar international organization for cyber crime should also be created.
It is important to prepare before the crime occurs. Currently, “KAIST is working to develop technologies for website vulnerability. The university is now identifying and analyzing malware code on peer-to-peer (P2P) file sharing websites that many young people commonly use. I believe this will help reduce the cyber crime rate. KAIST expects to attract more CEOs and CSOs to be better aware of the importance of information security. It is time to take cyber security seriously to make Korea fit the title of IT powerhouse.”
