Recent Cyber Attacks and Countermeasures September 2006.
18
Recent Cyber Attacks and Countermeasures Recent Cyber Attacks and Countermeasures September 2006 September 2006
Transcript of Recent Cyber Attacks and Countermeasures September 2006.
Recent Cyber Attacks and CountermeasuresRecent Cyber Attacks and Countermeasures
September 2006September 2006
CONTENTS CONTENTS
Basic Concept Basic Concept
Cyber Attack TrendsCyber Attack Trends
Countermeasure activities Countermeasure activities
Future PlansFuture Plans
Basic ConceptBasic Concept
Potential factors Potential factors and meansand means Proactive actionsProactive actions Result of the attackResult of the attack
Cyber Threat
Cyber Attack
Cyber Crisis
Collection Collection and analysisand analysis
Detection Detection and interceptionand interception
Countermeasures Countermeasures and managementand management
Countermeasures
Characteristics
Cyber Attack TrendsCyber Attack Trends
Changes in IT EnvironmentChanges in IT Environment
RFID, U-City, Ubiquitous, etc…RFID, U-City, Ubiquitous, etc…RFID, U-City, Ubiquitous, etc…RFID, U-City, Ubiquitous, etc…
e-Governmente-Governmente-Governmente-Government
20062006
The The rapidly growing dependencerapidly growing dependence on the internet on the internet
Second highest high-speed internet penetration in the Second highest high-speed internet penetration in the
worldworld
33 million internet users (73%) 33 million internet users (73%)
Advanced IT NetworkAdvanced IT Network
20072007 2008~2008~
Current Status of Cyber Intrusion Current Status of Cyber Intrusion IncidentsIncidents
136,261136,261
25,98025,98035,67035,670
60%60%
37%37%54,27554,275
140,000140,000
20042004
20,00020,000
40,00040,000
60,00060,000
20052005
TotalTotal
HackingHacking
(Unit: Case)
Trends of Cyber AttacksTrends of Cyber Attacks
Advanced and Intelligent Methods of AttackAdvanced and Intelligent Methods of Attack
Security systems are disabled and used as a detourSecurity systems are disabled and used as a detour
Shortened cycleShortened cycle
Major DamagesMajor Damages
Advanced and Integrated IT Networks, Aggravated damagesAdvanced and Integrated IT Networks, Aggravated damages
Different Purposes of AttackDifferent Purposes of Attack
Curiosity & Showing Off Curiosity & Showing Off → → Financial & Information TheftFinancial & Information Theft
Countermeasure ActivitiesCountermeasure Activities
National Cyber Security Management National Cyber Security Management SystemSystem
Policy Adjustment
NCSCThreat
Information
Analysis InformationAnalysis Information
Networked Networked OrganizationsOrganizations
Domestic Domestic and overseas and overseas Cooperating Cooperating OrganizationsOrganizations
National Cyber Security Strategy CouncilNational Cyber Security Strategy Council
Private Public Military
Countermeasure TechnologyCountermeasure Technology
Threat Information
National Cyber Security Management Regulation(Presidential Directive No. 141)
Handling Cyber Crisis Handling Cyber Crisis
Create a Countermeasure ManualCreate a Countermeasure Manual
Include “cyber security” in the scope of national crisis Include “cyber security” in the scope of national crisis
managementmanagement
Specify countermeasure procedures for each warning levelSpecify countermeasure procedures for each warning level
Integrated synthetic training for handling Cyber CrisisIntegrated synthetic training for handling Cyber Crisis
Develop virtual scenariosDevelop virtual scenarios
Verify the effectiveness of the manual and check to see if Verify the effectiveness of the manual and check to see if
everyone is familiar with the procedureseveryone is familiar with the procedures
Strengthening CooperationStrengthening Cooperation
Establish the ‘National CERT Council’Establish the ‘National CERT Council’
Encourage the participation of professional organizations in Encourage the participation of professional organizations in
security monitoringsecurity monitoring
Share threat information and technologies, and cooperate in Share threat information and technologies, and cooperate in
handling cyber incidentshandling cyber incidents
Establish a ‘Cyber Security Council’ in Each RegionEstablish a ‘Cyber Security Council’ in Each Region
Encourage the participation of regional government offices Encourage the participation of regional government offices
and high-tech businessesand high-tech businesses
Share security technologies and threat informationShare security technologies and threat information
Entering into the CCRA Entering into the CCRA (Common Criteria Recognition (Common Criteria Recognition Arrangement) Arrangement)
Background and PurposeBackground and Purpose
an information security round of advanced countries were organizedan information security round of advanced countries were organized
the use of internationally certified products were encouragedthe use of internationally certified products were encouraged
Join the arangement as a country that can issue a certificate (’06.5)Join the arangement as a country that can issue a certificate (’06.5)
* CAP (Certificate Authorizing Participants)* CAP (Certificate Authorizing Participants)
Promote the information security industry and improve its competitivPromote the information security industry and improve its competitivenesseness
Future PlansFuture Plans
Establishing an Information Sharing Establishing an Information Sharing SystemSystem
Administration Finance Communication Energy
Transportation
Monitoring Center by AreaMonitoring Center by AreaMonitoring Center by AreaMonitoring Center by Area
Operation CenterOperation CenterOperation CenterOperation Center
Main National Infrastructure Main National Infrastructure SystemsSystems
…………..
Development of Technical MeasuresDevelopment of Technical Measures
Take Security Measures regarding New IT Take Security Measures regarding New IT
TechnologiesTechnologies
Ubiquitous Society, RFID (Radio Frequency Identification) tagsUbiquitous Society, RFID (Radio Frequency Identification) tags
Develop Cyber Attack Detection TechnologiesDevelop Cyber Attack Detection Technologies
Study predictive methods based on statisticsStudy predictive methods based on statistics
Develop new detection technologies and 3D visualizationDevelop new detection technologies and 3D visualization
Strengthening preventive activitiesStrengthening preventive activities
Carry out ‘Cyber Security Assessment’Carry out ‘Cyber Security Assessment’
Encourage government organizations to conduct security Encourage government organizations to conduct security
assessments on their ownassessments on their own
Support customized security measuresSupport customized security measures
Conduct Security Check-ups on major computing Conduct Security Check-ups on major computing
networksnetworks
For government organizations and high-tech businessesFor government organizations and high-tech businesses
Identify security holes and support security technologiesIdentify security holes and support security technologies
Promotion of Cyber Security Promotion of Cyber Security AwarenessAwareness
Develop Cyber Security Training ProgramsDevelop Cyber Security Training Programs
Hold cyber security conferences for high-ranking Hold cyber security conferences for high-ranking
government/corporate officialsgovernment/corporate officials
Strengthen cyber security awareness programs for Strengthen cyber security awareness programs for
elementary and middle school studentselementary and middle school students
Offer reward Money for Reporting Cyber incidentsOffer reward Money for Reporting Cyber incidents
Encourage citizens to report intrusion incidents and threat Encourage citizens to report intrusion incidents and threat
informationinformation
Thank you.Thank you.
Phone : 82-2-557-0264Phone : 82-2-557-0264
E-mail : [email protected] : [email protected]
