Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jinhyun CHO Senior Researcher Korea Internet and Security Agency.

Similar presentations


Presentation on theme: "Jinhyun CHO Senior Researcher Korea Internet and Security Agency."— Presentation transcript:

1 Jinhyun CHO Senior Researcher Korea Internet and Security Agency

2 Security Incident Prevention and Response : 24/7 Situation Room to Respond Security Incidents : Incident Handling including Mobile/ SPAM Privacy Protection : PI Breach Reporting and Consultation : Removal of PI exposed on Websites Information Security Internet Promotion Creating a Healthy Internet Culture : Customized Internet Ethics Education Promoting Internet Business : Finding and Supporting New Quality Ventures Managing Internet Address Resources : Managing.kr domains(.kr registry) Supporting Foreign Expansion of ICT Businesses : Export Counselling, SME Consulting Cooperation with International Organizations : OECD, World Bank : Cyberspace Conference(2013), ITU PP(2014) Int’l Cooperation Policy Research and Survey Analysis : Internet Issue Research and National ICT Statistics Supporting Improvement of ICT Legal Frameworks : Supporting the Enactment of New Act like Cloud Act : Analyzing and Researching Emerging Legal Issues Policy Research

3 Cyber Terror on Broadcasting Stations and Banks Coordinated Attack with H-Hour : 14:00(GMT+9) Service Disruption : 3 BS and 2 Banks Affected More than 40,000 computers Destroyed (HDD Erased) Clients, Servers, and even ATMs Infected with Malware Malware Distribution Path : Vaccine Update Server Improper Security Management : Serious Security Holes March 20 Cyber Terror

4

5 Multiple Cyber Attacks : 69 Organizations Affected Web Defacement : Blue House and 43 Private Web DDoS on Integrated Government Infrastructure Destruction of Computers in Mass Media Companies Coordinated and Sophisticated Attack Attack Scale & Methods ( Web Hard Client Program ) Attribution : Who is Behind the Attack? June 25 Cyber Attack

6 More than 100 Mil. Card holders’ PI Leaked K CCV : 53 Mil., L CCV : 26 Mil., N CCV : 25 Mil. Including RRN, Address, Financial Status, and etc. Internal Employee of Credit Rating Company Involved Counterfeit Prevention System Development Program PI Leaked with USB Thumb Drive (No Policy or Encryption) Leaked to Loan Advertisers and Loan Brokers Serious Financial and Legal Threats to Credit Card Vendors? From Credit Card Vendors

7 12Mil PI Leaked through Homepage Hacking Brutal Force Attack with Billing Information Sophisticated Hacking Vs. Trial and Error (?) Security Policy for Multiple Attempts from One IP(?) Leaked PI used to Advertise and Sell Mobile Phones Customized Information for Those Who Need a New Phone 3 or 4 Phones Sold to Over 150 Phones Sold After Breach Similar Incident Occurred 2 years ago From Mobile Service Provider

8 Nat’l Cybersecurity Comprehensive Countermeasures BH takes the Lead in Major Cybersecurity Incidents NIS : Working-level Coordinator MND for Military Sector and MSIP for Private Sector PCRC Strategy P(Prompt) : Concurrent Situation Notification Framework C(Cooperative) : Cyberthreat Information Sharing System R(Robust) : CII Designation Increased (Around 400 in 2017) C(Creative) : Supporting 10 Key Security Technology

9 Financial PI Breach Prevention Countermeasures Protection of Financial Consumer Right Minimum PI Collection and Self Determination Clear and Strong Responsibility Annual Reporting on IS & Penalty ( Up to 3% of Sale) Strong Response to Security Incidents Network Separation and RRN Encryption Prevention of Potential Breaches Destruction of Collected PI

10 Gov (MSIP) R&D Plan for Information Security until 2017 Vision Establish Secure & Trustworthy Creative Society Safety Network Objectives Global Market Share : 2.4%(2012) to 3.0%(2017) 1 st Class Tech. : 79.9(2013) to 90%(2017) Competitiveness : Supporting 10 best IS Products R&D Focus in 2014 : Incident Response & Wireless IDS

11 Cybersecurity Research Center University and KISA Cooperation Joint Project to Educate and Train Cybersecurity Experts KISA : Provide the state-of-art information and technology Area : Vulnerability and Malware Analysis Providing Working Experiences in the Real Envirnoment 2 Centers to Be Selected Open to Graduate School of Information Security

12


Download ppt "Jinhyun CHO Senior Researcher Korea Internet and Security Agency."

Similar presentations


Ads by Google