Korea’s Approach to Network Security

download Korea’s Approach to Network Security

of 35

  • date post

  • Category


  • view

  • download


Embed Size (px)


Korea’s Approach to Network Security. 21 May 2002 Cha, Yang-Shin Ministry of Information and Communication. Contents. Advancement in the Information Society and New Threats Information Infrastructure Protection Act Information Infrastructure Protection Framework - PowerPoint PPT Presentation

Transcript of Korea’s Approach to Network Security

  • Koreas Approach to Network Security21 May 2002

    Cha, Yang-ShinMinistry of Information and Communication

  • ContentsAdvancement in the Information Society and New ThreatsInformation Infrastructure Protection ActInformation Infrastructure Protection FrameworkIncident Prevention and ResponseOther ActivitiesFuture Policy Direction

  • Advancement in the Information Society and New Threats

  • Rapid Growth in Information SocietyWorlds Best Info-Communication Infrastructure and Dramatic Increase of Internet UsersConnect Every Region of the Country with Info-Super-highwayApproximately 25 Million Internet Users (Dec. 2001)

    More than 7.8 Million Broadband Subscribers (Dec. 2001)

  • Importance of the Information Infrastructure Increased Dependency on IT Systems E-GovernmentE-BusinessE-EducationE-Healthcare, etc. Increased Interdependency National Administration Network, Korean Education Network, Online Banking, Electronic Commerce, etc.

  • Challenges & Threats to the Information SocietyHacking and Computer VirusViruses, Trojan Horses, Logic Bombs, Internet wormManipulation or Destruction of Operating Systems, Application Software or DataManipulation by InsidersManipulation of Communication LinksInformation Warfare, etc.





    hacking incidents

    Computer Viruses incidents

    < Hacking & Computer Virus Incidents in '99 - '01 >



    hacking incidents$572$1,943$5,333

    Computer Viruses incidents$39,348$50,124$65,033





    hacking incidents

    Computer Viruses incidents

    < >



  • Information Infrastructure Protection Act

  • Legislation ( Background I ) MICDirector General for Information Security Cyber Crime Investigation bodies in Public Prosecutors officeInternet Crime Investigation Center, SPPOComputer Crime Investigation Squad in 20 District PPOKNPACyber Terror Response CenterMoD, NIS, MoGHHA, etcKorea Information Security Agency, etc

  • Legislation ( Background II )Facilities protected by Diverse Laws in each SectorsFocused on Physical ProtectionInsufficient Counter-Measures against Cyber-AttackOutbreak of Cyber-Attacks on Internet Web-sitesDoS Attack on Yahoo, CNN, e-Bay, etc. (Feb. 2000)Enormous Econo-Social Damage due to Cyber-AttackNeed for Overall Info-Communication Infrastructure Protection Initiatives

  • Information Infrastructure Protection Act ( 1 )Developments Ministerial Meeting on the Prevention of Cyber-Terrorism (Feb. 2000) Decided to Legislate a Law covering Comprehensive and Systematic Information Infrastructure Protection and Counter Measures against Cyber-Terrorism Legislation Committee (Feb. 2000 to Dec. 2000) Enactment of Information Infrastructure Protection Act (Jan. 2001) Effective from July 2001Framework for II Protection

  • Information Infrastructure Protection Act ( 2 ) OutlinesEstablish Governmental Framework for Information Infrastructure ProtectionCommittee on Protection of Information InfrastructureCII Related MinistriesInfrastructure Management BodiesProtection MeasuresSelection and designation of CII Vulnerability Assessment => Protection Measures & Plans

  • Information Infrastructure Protection Act ( 3 ) Outlines (Cont.)Prevention & ResponsePrevention : Security Guideline, Protection MeasuresResponse : Security Warning, RecoveryTechnical Support Development of TechnologiesInternational CooperationSeverer Punishment for Cyber Crimes against II

  • Information Infrastructure Protection Framework

  • Overall Government Protection Framework ( 1 )Committee on the Protection of Information InfrastructureChair : Prime MinisterMembers : Ministers related to CII Mission : Deliberation and Coordination of Selection of CII and Security Plans and PoliciesMinisters related to CIIDesignation of CII, Establishment of Security Plan Security Guidelines, Demand/Recommendation of Security Measures

  • Overall Government Protection Framework ( 2 )CII Management bodiesVulnerability Assessment, Security Measures Cyber Incidents Prevention and Response Technical Supporting bodiesAccredited Vulnerability Assessment bodiesKISA ETRIInformation Security Consulting Service ProvidersTechnical support in vulnerability assessment, Security Measures Implementation, Prevention and Response

  • Designation of CII ( 1 )Information Infrastructure Electronic Control and Management Systems Information Systems and Communication Networks, etc.Critical Information InfrastructureHave Major Impact on National, Economic and Social SecurityDesignated by Ministers through Committee on the Protection of Information Infrastructure

  • Designation of CII ( 2 )Criteria for Selection Importance of its Service to the People and NationReliance on CII in Performing its MissionsInterconnection with other Information and Communication InfrastructuresScope of Impact on the Defense or Economic SecurityHigh Incidence, Difficulties of Efforts Needed for the Restoration

  • Vulnerability Assessment WhoCII Management BodyWhenWithin 6 Months after the Designation of CIIRe-Assessment in Every Other YearHowAssessment by Infrastructure Management Body by assistance of Technical Supporting bodies Technical Supporting bodiesKISA, ETRI, Information Security Consulting Service Provider

  • Plan & Measures for Protection Infrastructure Management BodyAfter the Assessment, Develop Security MeasuresSubmit Security measures to the Ministry ConcernedMinistriesCombine Individual Infrastructure Protection Measures to form a Security Plan under their Jurisdiction Committee on the Protection of Information InfrastructureReview and Coordinate Security Plans Developed by Ministers

  • Support ( 1 )Korea Information Security Agency(KISA)Develop and Disseminate Information Security GuidelineUsed by Infrastructure Management Bodies and IndustriesVulnerability AssessmentDevelop Security Measures, Provide Technical Support for Prevention and RecoveryDevelop and Disseminate II Security Technology

  • Support ( 2 )Information Security Consulting Service Provider(ISCSP)Authorized by MIC to Provide Consulting Service regarding Vulnerability Assessment and Security Measure on CIIDesignation RequirementsMore than 15 Qualified Technical EngineersCapital greater than 2 Billion KRW (USD 1.5 M)Equipments provided in Presidential Decree

  • Support ( 3 )Information Sharing and Analysis Center(ISAC)Prevention and Response to Incidents in Specific Sectors such as Financial or TelecommunicationMissionReal-Time Warning and Analysis on IncidentsProvide Information on Vulnerabilities and CountermeasuresVulnerability Assessment if Accredited by MICTelecommunication ISAC established, Financial ISAC to be formed soon

  • Incident Prevention and Response

  • Incident Response and Recovery ( 1 ) Incident ResponseSelf Response by Infrastructure Management BodyReport to Minister, KISA or Investigation Offices If Necessary, Request for Technical Assistance from Technical Supporting bodies such as KISA, ETRIFor Large Scale Incidents, Establish Temporary Incident Response Headquarters

  • Incident Response and Recovery ( 2 )RecoveryPrompt and Necessary Steps to Restore and Protect CIIIf necessary, Request for Technical Assistance from KISAInternational CooperationShare Information on Vulnerability and Incident Responses (FIRST, APSIRC, etc)Collaborative Incident Investigation

  • Incident Response and Recovery ( 3 )Incident Response HeadquartersEstablished Temporarily, When Large Scale Incidents occurs, by the Chairman of the Committee on the Protection of Information InfrastructureMissionEmergency Response, Technical Assistance and RecoveryMembersChief : Appointed by the Chairman(the Prime Minister)Members : Government Officers from the CII related Ministries, Civil Specialists for IT Security

  • Offences and PenaltiesDisrupt, Paralyze and Destroy Critical Information Infrastructure byUnauthorized Access to CII, or Fabrication, Destruction, etc., in excess of his or her authority. Installation of Malicious Programs/CodeDenial of Service Attack => Imprisonment for 10 Years or a Fine of 100 Million WonIncidents against Ordinary Information SystemsImprisonment for 5 years or a fine of 50 Million Won

  • CII Protection related ActivitiesNov. 2001, 9 Companies were Accredited as ISCSPsDec. 2001, First Meeting of the Committee on Protection of the Information Infrastructure MeetingDesignated 23 Infrastructures under 4 Ministries as CIIsMIC, MoGAHA, MoFA, MoHW First half of 2002 Vulnerability Assessment and Development of Security Measures for CIIs under wayDevelop Security Plans for 20032nd Designation of CIIs(Financial, Industrial Support Sectors)

  • Other Activities

  • Other Activities ( 1 )Prevention and Awareness Program(MIC, KISA)Operation of Anti-Hacking & Virus Consulting CenterRemote Vulnerability AssessmentAnti-Hacking & Virus Day (15th of Every Month)Develop & Disseminate Security and Response GuidelinesEducation & Training for Managers(Schools, PC Room, Small & Middle Sized Companies)Early Warning & Alert System (e-WAS) (being developed)

  • Other Activities ( 2 )Develop Cyber-Terror Prevention TechnologyE-WAS and Secure MessengerReal-Time Scan Detector(RTSD)Develop Vulnerability Assessment and Intrusion Detection Tools => Build Vulnerability DB Foster IndustryDevelop and Disseminate Information Security TechnologiesInformation Security Industry Support Center(Test-Bed)

  • Other Activities(3)International Cooperation Partic