korea’s approach to network security
DESCRIPTION
Korea’s Approach to Network Security. 21 May 2002 Cha, Yang-Shin Ministry of Information and Communication. Contents. Advancement in the Information Society and New Threats Information Infrastructure Protection Act Information Infrastructure Protection Framework - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/1.jpg)
1
Korea’s Approach to Network Korea’s Approach to Network SecuritySecurity
Korea’s Approach to Network Korea’s Approach to Network SecuritySecurity
21 May 2002
Cha, Yang-Shin
Ministry of Information and Communication
![Page 2: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/2.jpg)
2
Advancement in the Information Society and New Threat
s
Information Infrastructure Protection Act
Information Infrastructure Protection Framework
Incident Prevention and Response
Other Activities
Future Policy Direction
ContentsContentsContentsContents
![Page 3: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/3.jpg)
3
Advancement in the Information Society and New Threats
Advancement in the Information Society and New Threats
![Page 4: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/4.jpg)
4
World’s Best Info-Communication Infrastructure and
Dramatic Increase of Internet Users
Connect Every Region of the Country with Info-Super-highway
Approximately 25 Million Internet Users (Dec. 2001)
More than 7.8 Million Broadband Subscribers (Dec. 2001)
1999.1 2000.8 2000.12 2001.12
Users(in thousands)
9,433 16,403 19,045 24,380
Percentage of Users
22.4 38.5 44.7 56.0
Rapid Growth in Information SocietyRapid Growth in Information SocietyRapid Growth in Information SocietyRapid Growth in Information Society
![Page 5: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/5.jpg)
5
Increased Dependency on IT Systems
E-Government
E-Business
E-Education
E-Healthcare, etc.
Increased Interdependency
National Administration Network, Korean Education Network,
Online Banking, Electronic Commerce, etc.
Importance of the Information InfrastructureImportance of the Information InfrastructureImportance of the Information InfrastructureImportance of the Information Infrastructure
![Page 6: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/6.jpg)
6
Hacking and Computer Virus Viruses, Trojan Horses, Logic Bombs, Internet worm
Manipulation or Destruction of Operating Systems, Application Software or Data
Manipulation by Insiders
Manipulation of Communication Links
Information Warfare, etc.
572
39,348
1,943
50,124
5,333
65,033
-
10,000
20,000
30,000
40,000
50,000
60,000
70,000
1999년 2000년 2001년
< Hacking & Computer Virus Incidents in '99 - '01 >
hacking incidents
Computer V irusesincidents
Challenges & Threats to the Information SocietyChallenges & Threats to the Information SocietyChallenges & Threats to the Information SocietyChallenges & Threats to the Information Society
![Page 7: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/7.jpg)
7
Information Infrastructure Protection ActInformation Infrastructure Protection Act
![Page 8: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/8.jpg)
8
MIC
Director General for Information Security
Cyber Crime Investigation bodies in Public Prosecutors’ office
Internet Crime Investigation Center, SPPO
Computer Crime Investigation Squad in 20 District PPO
KNPA
Cyber Terror Response Center
MoD, NIS, MoGHHA, etc
Korea Information Security Agency, etc
Legislation ( Background I ) Legislation ( Background I ) Legislation ( Background I ) Legislation ( Background I )
![Page 9: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/9.jpg)
9
Facilities protected by Diverse Laws in each Sectors
Focused on Physical Protection
Insufficient Counter-Measures against Cyber-Attack
Outbreak of Cyber-Attacks on Internet Web-sites DoS Attack on Yahoo, CNN, e-Bay, etc. (Feb. 2000)
Enormous Econo-Social Damage due to Cyber-Attack
Legislation ( Background II )Legislation ( Background II )Legislation ( Background II )Legislation ( Background II )
Need for Overall Info-Communication Infrastructure Protection Initiatives
![Page 10: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/10.jpg)
10
Developments
Ministerial Meeting on the Prevention of Cyber-Terrorism (Feb. 2000)
– Decided to Legislate a Law covering Comprehensive and
Systematic Information Infrastructure Protection and
Counter Measures against Cyber-Terrorism
Legislation Committee (Feb. 2000 to Dec. 2000)
Enactment of Information Infrastructure Protection Act (Jan. 2001)
Effective from July 2001
Information Infrastructure Protection Act ( 1 )Information Infrastructure Protection Act ( 1 )Information Infrastructure Protection Act ( 1 )Information Infrastructure Protection Act ( 1 )
Framework for II Protection
![Page 11: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/11.jpg)
11
Outlines
Establish Governmental Framework for Information Infrastructure
Protection
– Committee on Protection of Information Infrastructure
– CII Related Ministries
– Infrastructure Management Bodies
Protection Measures
– Selection and designation of CII
– Vulnerability Assessment => Protection Measures & Plans
Information Infrastructure Protection Act ( 2 ) Information Infrastructure Protection Act ( 2 ) Information Infrastructure Protection Act ( 2 ) Information Infrastructure Protection Act ( 2 )
![Page 12: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/12.jpg)
12
Outlines (Cont.)
Prevention & Response
– Prevention : Security Guideline, Protection Measures
– Response : Security Warning, Recovery
Technical Support
Development of Technologies
International Cooperation
Severer Punishment for Cyber Crimes against II
Information Infrastructure Protection Act ( 3 ) Information Infrastructure Protection Act ( 3 ) Information Infrastructure Protection Act ( 3 ) Information Infrastructure Protection Act ( 3 )
![Page 13: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/13.jpg)
13
Information Infrastructure Protection Framework
Information Infrastructure Protection Framework
![Page 14: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/14.jpg)
14
Committee on the Protection of Information Infrastructure
Chair : Prime Minister
Members : Ministers related to CII
Mission : Deliberation and Coordination of Selection of CII and
Security Plans and Policies
Ministers related to CII
Designation of CII, Establishment of Security Plan
Security Guidelines, Demand/Recommendation of Security Measures
Overall Government Protection Framework ( 1 )Overall Government Protection Framework ( 1 )Overall Government Protection Framework ( 1 )Overall Government Protection Framework ( 1 )
![Page 15: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/15.jpg)
15
CII Management bodies
Vulnerability Assessment, Security Measures
Cyber Incidents Prevention and Response
Technical Supporting bodies Accredited Vulnerability Assessment bodies
KISA
ETRI
Information Security Consulting Service Providers
Technical support in vulnerability assessment, Security Measures
Implementation, Prevention and Response
Overall Government Protection Framework ( 2 )Overall Government Protection Framework ( 2 )Overall Government Protection Framework ( 2 )Overall Government Protection Framework ( 2 )
![Page 16: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/16.jpg)
16
Designation of CII ( 1 )Designation of CII ( 1 )Designation of CII ( 1 )Designation of CII ( 1 )
Information Infrastructure
Electronic Control and Management Systems
Information Systems and Communication Networks, etc.
Critical Information Infrastructure
Have Major Impact on National, Economic and Social Security
Designated by Ministers through Committee on the Protection of
Information Infrastructure
![Page 17: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/17.jpg)
17
Designation of CII ( 2 )Designation of CII ( 2 )Designation of CII ( 2 )Designation of CII ( 2 )
Criteria for Selection
Importance of its Service to the People and Nation
Reliance on CII in Performing its Missions
Interconnection with other Information and Communication
Infrastructures
Scope of Impact on the Defense or Economic Security
High Incidence, Difficulties of Efforts Needed for the Restoration
![Page 18: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/18.jpg)
18
Vulnerability Assessment Vulnerability Assessment Vulnerability Assessment Vulnerability Assessment
Who
CII Management Body
When
Within 6 Months after the Designation of CII
Re-Assessment in Every Other Year
How Assessment by Infrastructure Management Body by assistance of
Technical Supporting bodies
Technical Supporting bodies
KISA, ETRI, Information Security Consulting Service Provider
![Page 19: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/19.jpg)
19
Plan & Measures for Protection Plan & Measures for Protection Plan & Measures for Protection Plan & Measures for Protection
Infrastructure Management Body
After the Assessment, Develop Security Measures
Submit Security measures to the Ministry Concerned
Ministries
Combine Individual Infrastructure Protection Measures to form a
Security Plan under their Jurisdiction
Committee on the Protection of Information Infrastructure
Review and Coordinate Security Plans Developed by Ministers
![Page 20: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/20.jpg)
20
Support ( 1 )Support ( 1 )Support ( 1 )Support ( 1 )
Korea Information Security Agency(KISA)
Develop and Disseminate Information Security Guideline
– Used by Infrastructure Management Bodies and Industries
Vulnerability Assessment
Develop Security Measures, Provide Technical Support for
Prevention and Recovery
Develop and Disseminate II Security Technology
![Page 21: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/21.jpg)
21
Support ( 2 )Support ( 2 )Support ( 2 )Support ( 2 )
Information Security Consulting Service Provider(ISCSP)
Authorized by MIC to Provide Consulting Service regarding Vulnerability
Assessment and Security Measure on CII
Designation Requirements
– More than 15 Qualified Technical Engineers
– Capital greater than 2 Billion KRW (USD 1.5 M)
– Equipments provided in Presidential Decree
![Page 22: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/22.jpg)
22
Support ( 3 )Support ( 3 )Support ( 3 )Support ( 3 )
Information Sharing and Analysis Center(ISAC)
Prevention and Response to Incidents in Specific Sectors such as
Financial or Telecommunication
Mission
– Real-Time Warning and Analysis on Incidents
– Provide Information on Vulnerabilities and Countermeasures
– Vulnerability Assessment if Accredited by MIC
Telecommunication ISAC established, Financial ISAC to be
formed soon
![Page 23: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/23.jpg)
23
Incident Prevention and ResponseIncident Prevention and Response
![Page 24: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/24.jpg)
24
Incident Response and Recovery ( 1 ) Incident Response and Recovery ( 1 ) Incident Response and Recovery ( 1 ) Incident Response and Recovery ( 1 )
Incident Response
Self Response by Infrastructure Management Body
– Report to Minister, KISA or Investigation Offices
If Necessary, Request for Technical Assistance from Technical Supporting bodies
such as KISA, ETRI
For Large Scale Incidents, Establish Temporary Incident Response Headquarters
![Page 25: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/25.jpg)
25
Incident Response and Recovery ( 2 )Incident Response and Recovery ( 2 )Incident Response and Recovery ( 2 )Incident Response and Recovery ( 2 )
Recovery
Prompt and Necessary Steps to Restore and Protect CII
If necessary, Request for Technical Assistance from KISA
International Cooperation
Share Information on Vulnerability and Incident Responses
(FIRST, APSIRC, etc)
Collaborative Incident Investigation
![Page 26: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/26.jpg)
26
Incident Response and Recovery ( 3 )Incident Response and Recovery ( 3 )Incident Response and Recovery ( 3 )Incident Response and Recovery ( 3 )
Incident Response Headquarters
Established Temporarily, When Large Scale Incidents occurs,
by the Chairman of the Committee on the Protection of Information
Infrastructure
Mission
– Emergency Response, Technical Assistance and Recovery
Members
– Chief : Appointed by the Chairman(the Prime Minister)
– Members : Government Officers from the CII related Ministries, Civil
Specialists for IT Security
![Page 27: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/27.jpg)
27
Offences and PenaltiesOffences and PenaltiesOffences and PenaltiesOffences and Penalties
Disrupt, Paralyze and Destroy Critical Information
Infrastructure by
Unauthorized Access to CII, or Fabrication, Destruction, etc., in excess of
his or her authority.
Installation of Malicious Programs/Code
Denial of Service Attack
=> Imprisonment for 10 Years or a Fine of 100 Million Won
Incidents against Ordinary Information Systems
Imprisonment for 5 years or a fine of 50 Million Won
![Page 28: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/28.jpg)
28
CII Protection related ActivitiesCII Protection related ActivitiesCII Protection related ActivitiesCII Protection related Activities
Nov. 2001, 9 Companies were Accredited as ISCSPs
Dec. 2001, First Meeting of the Committee on Protection of the Information Infrastructure Meeting
Designated 23 Infrastructures under 4 Ministries as CIIs
– MIC, MoGAHA, MoFA, MoHW
First half of 2002
Vulnerability Assessment and Development of Security Measures for CIIs
under way
Develop Security Plans for 2003
2nd Designation of CIIs(Financial, Industrial Support Sectors)
![Page 29: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/29.jpg)
29
Other ActivitiesOther Activities
![Page 30: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/30.jpg)
30
Other Activities ( 1 )Other Activities ( 1 )Other Activities ( 1 )Other Activities ( 1 )
Prevention and Awareness Program(MIC, KISA)
Operation of Anti-Hacking & Virus Consulting Center
Remote Vulnerability Assessment
“Anti-Hacking & Virus Day” (15th of Every Month)
Develop & Disseminate Security and Response Guidelines
Education & Training for Managers(Schools, PC Room, Small & Mi
ddle Sized Companies)
Early Warning & Alert System (e-WAS) (being developed)
![Page 31: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/31.jpg)
31
Other Activities ( 2 )Other Activities ( 2 )Other Activities ( 2 )Other Activities ( 2 )
Develop Cyber-Terror Prevention Technology
E-WAS and Secure Messenger
Real-Time Scan Detector(RTSD)
Develop Vulnerability Assessment and Intrusion Detection Tools
=> Build Vulnerability DB
Foster Industry
Develop and Disseminate Information Security Technologies
Information Security Industry Support Center(Test-Bed)
![Page 32: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/32.jpg)
32
Other Activities(3)Other Activities(3)Other Activities(3)Other Activities(3)
International Cooperation
Participate in International Meetings including OECD, APEC, ITU
– Measures for Enhancing Information and Network Security
– Exchange of information with Regard to Policies and Practices
– Frameworks for Security Information Sharing
– Raise Awareness of Security by Education & Training
Cross-border Information sharing on Incidents and Responses
Promotion of International Cooperation on Cyber-Terror Prevention
Technologies
Cooperation on Cyber-Terror Investigation
![Page 33: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/33.jpg)
33
Future Policy DirectionFuture Policy Direction
![Page 34: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/34.jpg)
34
Future Policy DirectionFuture Policy DirectionFuture Policy DirectionFuture Policy Direction
Continue to Improve and Develop Information Security Management
Framework for II
R&D on II Security Technologies
Enhance Level of Information Security in Public / Private Sectors
Strengthen International Cooperation Activities
Global Leader, e-KoreaGlobal Leader, s-Korea
![Page 35: Korea’s Approach to Network Security](https://reader035.vdocuments.us/reader035/viewer/2022081502/56815805550346895dc57610/html5/thumbnails/35.jpg)
35
Well begun is half done !