Sohn Young-dong
The author is a visiting professor at the Defense Safety Research Center of Dongguk University.
The entire security system of the judiciary has been broken down following the breach of the executive and legislative branches. No government agency is free from a data breach, not even the National Election Commission. Can an individual government agency block a cyberattack by a state-backed hacking group? The National Intelligence Service (NIS) announced that there had been an average of 1.63 million attack attempts on public agencies by state-backed and international hacking groups last year. North Korea and China account for 89 percent of the attacks, at 68 percent and 21 percent, respectively.
I am stunned that the amount of leaked data from the court is over 1 TB. The court has not been aware of the hacking for the past two years. The administrator password of the court network was extremely simple, and it was not changed for six years. Until now, little effort has been made to check security vulnerabilities. As the computer that became the origin of malware used both internal and external networks, it is likely that this unit was omitted from the information asset identification.
The court only reported the incident to the authorities 10 months after it acknowledged the hacking. The lawsuit-related information leaked from the court include unique identification numbers as well as sensitive and credit information. The leaked information not only threatens individual safety, but also can be used to create fake news or fabricated information to incite social confusion and conflict.
Security loopholes of unchecked organizations were also revealed at the National Election Commission (NEC). According to the National Intelligence Service and the Korea Internet & Security Agency (KISA) that inspected the election watchdog’s system security in October 2023, vulnerabilities were found in voter registration, vote counting, and early voting systems. External groups could penetrate the internal network using conventional hacking methods. Just because the NEC is a Constitutional agency, it has not been inspected by the Board of Audit and Inspection for decades since its establishment. It degenerated into the dodo birds that cannot fly. Since the discipline collapsed, countless irregularities have been allowed in personnel appointments.
Since the July 7, 2009 DDoS attack, which was the prelude to a cyberwar on the Korean Peninsula, North Korea’s cyberattacks have been persistent, as seen in the March 20 cyberattacks, the hacking of the Korea Hydro & Nuclear Power, the hacking of the defense networks, the exploitation of virtual assets, the leakage of industrial secrets and even the attack on our judiciary system. Korean society as a whole is coming under reckless attacks. The cyber offensives are getting fiercer, but Korea’s shield is old and ragged.
Countermeasures are urgently needed. First, the security blind spots should be eliminated. Rather than having individual agencies to deal with hacking attacks, which are happening across the country, it should be handled at a national security level. Security is the collection of total capabilities built on national trust, and legislative and judiciary agencies are no exceptions. If they are slack on management and supervision just because they are independent agencies, they are standing in the cyber minefield that can explode anytime.
Second, cybersecurity readiness needs to be reinforced. As a digital transformation takes place, contacts and weaknesses will inevitably grow. Countless mutations can be created in the process of generative AI seeking gaps and writing malicious code. Prompt recognition, response and recovery are the best options. It is not something technology can solve alone. Specialists are deployed to the presidential office and the national security office for strategies, and a civilian-government-military cooperative system has been established. However, a system to support implementation is still insufficient.
Third, it is necessary to expedite the enactment of the “National Cybersecurity Act.” Neighboring countries are continuously enacting and amending cybersecurity-related laws in line with the changing environment. However, in Korea, the enforcement decree — the “Cybersecurity Operation Regulations” — serves as a basic law. The reason why related laws have been enacted and abolished repeatedly in the previous National Assembly is the concern about “Big Brother.” A device to check the power monopolizing information needs to be prepared. “Small Sister,” the voluntary monitoring power of random people, also can bring balance.
While it is hard for the laws and systems to keep up with the pace of technological development, effort should be made to close the gap. It is important that policies are constantly improved through challenges and trial and error to overcome uncertainty. It is necessary to secure high-quality manpower and drastically expand the budget for technological advantage. A solid cybersecurity system based on digital leadership should be the core of national strategy.
Translation by the Korea JoongAng Daily staff.
This post was originally published on 3rd party site mentioned in the title of this site
