The South Korean government has announced it is to take wide-reaching Internet security countermeasures following the North’s recent long-range ballistic missile test.
An official spokesperson said, in a February 15 statement, “South Korea has tightened its security both in terms of threats from further long-range missile tests and the threat of cyberattacks. The level of threat has increased significantly since the termination of operations in the Kaesong Industrial Complex."
The Ministry of Science, ICT and Future Planning (MSIP) and the Korea Internet Security Agency (KISA) have announced that they will join forces with leading security industry to step up cyber protection in South Korea. An emergency dispatch operations team has been set up in order to combat web-based threats.
According to the MSIP, measures for enhancing preparedness include increasing workforce cyber protection had already been put into place in anticipation of increased tensions on the peninsula prior to the launch.
In August last year, training sessions for some 46,000 people were conducted at the agency’s headquarters in conjunction with affiliated agencies. Spokespeople say that the training primarily focused on procedural protocol and practical methodology to ensure proficiency in the event of national security and public safety emergencies.
The MSIP also announced it is stepping up efforts to prepare for potential worst case scenarios, including responses to large-scale DDoS (denial of service) or malware attacks on the websites of vaccine manufacturers, mobile phone carriers, search engines, web hosting companies and others.
The KISA also stated it was raising its cyber crisis alert status to a heightened level. Spokespeople confirmed the agency was taking proactive steps in accordance to increased cyberattack risk. The status was changed from “some likelihood” to “notable risk” level.
The agency said it was carrying out a 24-hour working system, including night operations and the formation of an emergency dispatch operations team, as well as increased malware monitoring efforts.
In light of the increased level of risk, KISA has urged caution to Korean web users. It says individuals and enterprises alike needed to take steps to avoid infection through email attachments and suspicious links. It also warned against applying security updates and patches from sources claiming to represent major software providers.
For its part, the Korean security industry says it has focused on strengthening checks for vulnerabilities and possible attacks on websites and intranet systems. This has taken the
shape of enhanced monitoring, focused employee training schemes and improved security guidelines, as well as more efficient incident reporting systems.
An industry insider explained, "In terms of internal security, agencies and experts are working hard to collect malicious code to prepare for the possibility of cyber terrorism.”
The expert also noted that other steps were also important in these times of increased tension on the Korean peninsula, including security controls, the introduction of dedicated security solutions, strict security protocols and improved security management.
The National Cyber Security Center has also stepped up its cyber security awareness, moving to "caution" status. The group center raised its Information Operations Condition (INFOCON) rating from level 3 to level 4 in the wake of the rocket launch.
