Go to contents

[Editorial] IT Security System Needed

Posted July. 11, 2009 08:58,   


The distributed denial-of-service (DDoS) attacks on major domestic Internet sites showed signs of abating yesterday, as Seoul blocked five host sites distributing malicious codes and another 86 commanding the codes to destroy affected personal computers called “zombies.”

Tuesday`s cyber terrorist attacks, however, was in large part caused by South Korea’s loose security system. Dr. Ahn Chul-soo, an Internet security guru and a chair professor at the Korea Advanced Institute of Science and Technology, said the country is under attack again as it failed to strengthen security after suffering two previous attacks in 1999 and 2003.

Despite calls for nurturing 100,000 hackers, the government failed to invest in the online security field. While other advanced nations spend five to 12 percent of their information technology budgets on security, Korea spends less than one percent and has a severe shortage of cyber security experts. If the situation continues, the computer-operated financial, public utility and traffic systems could be paralyzed by hackers, and threats to dams and subway trains could rattle public safety.

The latest cyber attack is a rude awakening for Korea’s backward IT security. Vaccines were provided over 11 to 24 hours after the first attack. Due to the lack of a control tower, government agencies were too slow to respond, failing to share information among them. Nine months have passed since a bill on cyber security crisis was introduced to the National Assembly. The main opposition Democratic Party labeled it an “evil law,” while the ruling Grand National Party has remained inactive on it.

Computer users have also been negligent over PC security. Few users have virus vaccines or check their systems on a regular basis. Potential “zombie” computers are everywhere across the country. This is an age of cyber warfare but the country is lacking in laws, organizations, personnel, budget, investment and public awareness.

Major countries are taking defensive measures against cyber terrorism on a national level, putting it on a par with a nuclear attack. In the United States, the National Cybersecurity Division acts as the control tower for U.S. efforts to prevent and respond to cyber terrorism. The U.S. Defense Department will establish a combined cyber command for digital warfare in October.

China has units for fighting computer viruses and electronic warfare, not to mention a million active hackers. Japan is also operating a cyber warfare unit. North Korea is said to have ordered its hacker unit to destroy South Korea’s communication networks.

In contrast, South Korea is discussing ways to advance the planned establishment of an IT protection command to next year instead of 2012. Cyber warfare does not allow a three-year gap.