|
안녕하세요, second 토픽이 없어서 제가 올립니다. 글이 좀기네요.질문만 읽으셔도 됩니다^^
N. Korea increasingly focuses on asymmetric warfare capabilities
This is the first installment
in a series of articles delving into South Korea’s cybersecurity challenges,
mostly posed by North Korea, and efforts to tide them over. ― Ed.
South Korea boasts cutting-edge digital
technology, efficient computer networks and the world’s top high-speed Internet
penetration rate. But behind these feats is an unpalatable truth: A
vulnerability to cyberattacks.
Cyber incursions by adversaries could paralyze
financial, traffic, aviation and power supply centers, broadcasting networks,
communications channels and state governance apparatuses, which could seriously
impact people’s lives.
North Korea has proved its will and capability
to mount such cyberattacks against South Korea in recent years, exploiting the
easy accessibility and anonymity of the transnational cyber domain, and the
difficulty of singling out a culprit for cybercrimes.
Analysts said that amid the fast spread of
cybertechnologies and tools, each individual nation and the international
community should focus more on crafting security measures and enhancing
multilateral cooperation to fend off cyberattacks, which could be as
devastating as physical military strikes.
“The continuously evolving multi dimensional
character of information and cyber operations enables new types of ‘force
multipliers’ ― the ability to operate rapidly against distant adversaries
without the commitment of combat personnel,” said Michael Raska, research fellow
at the S. Rajaratnam School of International Studies, Nanyang Technological
University.
Hackers also have “the ability to act in secret
by minimizing exposure, attribution and subsequent risks of counterattacks; and
the ability to use cyberweapons to disrupt, deny, destroy, or subvert key nodes
of critical national infrastructures. Together, these forms of attacks will
evolve into new types of weapons of mass effectiveness.”
Mindful of the catastrophic fallout from
potential cyberattacks, governments around the world including South Korea’s
have been striving to nurture cyber experts, called “white-hat hackers,”
develop their deterrence capabilities, and seek international collaboration.
But there has not been substantial progress,
with the world failing to reach consensus over various issues including how to
establish norms, laws and rules of engagement for cyberwarfare. Also, to what
extent restrictions should be imposed in the cyberrealm ― an issue some argue
could lead to a stifling of free, fair cyber activities.
In South Korea, cybersecurity has taken on
greater importance in its defense policy in recent years as Pyongyang has
launched a host of cyberattacks and electronic strikes by recruiting thousands
of specially trained troops including some based in China and other foreign
locations.
Pyongyang has used electromagnetic waves to jam
satellite traffic navigation signals in the South and launched a distributed
denial of service attack and other forms of cyberattacks on banks and the
websites of major businesses and public agencies including Cheong Wa Dae, the
National Assembly and the Defense Ministry.
Analysts said that the North has focused its
military attention on developing asymmetrical warfare tactics, including cyber
capabilities, as these can cause massive damage to its more affluent,
technologically advanced enemies at low cost.
The North’s focus on cyber capabilities
underscores its recognition that it cannot fight and win in a conventional war
with the South due to outdated military equipment and a lack of financial
wherewithal to wage and sustain a war, experts said.
“North Korea recognizes the technological
superiority of South Korea and the U.S. and seeks means to undermine that
superiority; cyberattacks can do just that,” said Bruce Bennett, senior defense
analysts at the U.S. think tank RAND Corporation.
“If North Korea really does have several
thousand hackers testing the Internet and businesses in the South on a
day-to-day basis, they have likely penetrated many computer systems and
established so-called ‘Trojan horses’ which they could turn to in a conflict
situation, and use to damage or take control of those computers.”
The anonymous nature of cyberspace has further
encouraged the North to pursue and actually carry out cyberterrorism, experts
said. Each time South Korea blamed the North for cyberattacks, Pyongyang denied
its responsibility, calling Seoul’s argument a complete “fabrication.”
In the wake of a series of North Korean
cyberattacks, Seoul has sought to strengthen cybersecurity by establishing a
cyberwarfare command, educational organizations and legal frameworks to push
for cyber protection. Yet, those efforts have lost steam due to budget
constraints, public apathy and growing conventional military threats from the
North.
“After the serious cyberattack on March 20 last
year, the presidential office of Cheong Wa Dae vowed to play a role as a
cybersecurity control tower. But there has not been any organization built yet
to enforce those efforts,” said Lim Jong-in, dean of Korea University’s
graduate school of information security.
“We have thought much about cybersecurity. But
those thoughts have not been put into action … part of the reasons why South
Korea’s overall cybersecurity remains still weak.”
Apart from national and military efforts,
private firms have also struggled to shield their computer networks from
cyberattacks that could have a detrimental impact on their corporate image and
protection of intellectual property.
“Basically, whatever our employees produce
online, we regard it as our intellectual assets, and we, therefore, try to
protect those assets considering that they might be linked with our trade
secrets or our firm’s confidential information,” said an official of a South
Korean conglomerate, declining to be identified.
“For cybersecurity, the company provides regular
educational sessions to constantly raise security awareness, and keeps on
strengthening physical protection mechanisms including one, for example, that
prevents an employee from storing company documents in portable hard-drives or
memory sticks.”
Analysts stressed that Seoul needs to establish
a comprehensive, long-term cybersecurity strategy including more systematic
measures to raise cyber specialists.
“Recognizing the progressive complexity of
cyberthreats is the first step toward conceptualizing, planning and integrating
a multilayered cyberdefense strategy in South Korea. South Korea’s defense
planners must project the role of cyberwarfare in possible future conflicts on
the Korean Peninsula,” said Raska.
“They must work to identify vulnerabilities, and
draft guidelines for potential contingencies. They must recruit the best cyber
specialists and pair them with defense and strategic experts; devise
partnership links with commercial information security firms, and educate
personnel.”
By Song Sang-ho (sshluck@heraldcorp.com)
Question)
1) Do you play computer game regularly? Which one?
2) How often do you access to internet service in a day and which domain?
3) Do you think which one is more reliable on hard-cover book or internet services?
4) Have you ever experienced with cyber swindle? Such as Smishing, Pharming, Phishing or Memory Hacking.
5) What do you think of above article and white hacker? Are you good at using a computer and longing for a white hacker?
FYI
스미싱이란: 문자메시지(SMS)와 피싱(Phishing)의 합성어로 '무료쿠폰 제공', '돌잔치 초대장' 등을 내용으로 하는 문자메시지내 인터넷주소 클릭하면 악성코드가 설치되어 피해자가 모르는 사이에 소액결제 피해 발생 또는 개인·금융정보 탈취하는 수법자세히 보기
파밍이란 : 악성코드에 감염된 PC를 조작해 이용자가 인터넷 '즐겨찾기' 또는 포털사이트 검색을 통하여 금융회사 등의 정상적인 홈페이지 주소로 접속하여도 피싱(가짜)사이트로 유도되어 범죄자가 개인 금융 정보 등을 몰래 빼가는 수법
피싱이란 : 개인정보(Private data)와 낚시(Fishing)의 합성어로 개인정보를 낚는다는 의미. 금융기관 또는 공공기관을 가장해 전화나 이메일로 인터넷 사이트에서 보안카드 일련번호와 코드번호 일부 또는 전체를 입력하도록 요구해 금융 정보를 몰래 빼가는 수법
메모리해킹이란 : 메모리해킹은 컴퓨터 메모리에 있는 수취인의 계좌번호, 송금액을 변조하거나, 보안카드 비밀번호를 절취한 후 돈을 빼돌리는 새로운 해킹방식으로 정상적인 인터넷뱅킹 사이트에 접속하였음에도 이체거래과정에서 금융거래정보 등을 실시간 위·변조하는 즉시 공격의 특징을 지님
MS Word file.
N. Korea increasingly focuses on asymmetric warfare capabilities.docx
|