A South Korean white hat hacker emphasized on Wednesday the importance of taking an offensive approach in defending the country against cyber adversaries, suggesting that domestic cyber weapons be developed that are capable of deployment in crucial situations.
Park Chan-am, Chief Executive Officer at the South Korean cybersecurity company STEALIEN, noted that cyber electronic warfare has evolved to encompass all fronts, including space, land, sea, and air. His speech was delivered at the 13th Information Security Day Celebration held in Seoul. Since 2012, the South Korean government has designated the second Wednesday of July as Information Security Day, in remembrance of the nation falling prey to a massive distributed-denial-of-service (DDoS) attack on July 7, 2009, an event in which major government, news media, and financial websites were targeted by a large-scale botnet attack.
According to the CEO, identifying the source of attacks is crucial to gaining the upper hand in cyberwarfare. Unlike physical weapons such as missiles, which can be traced back to their deployers, the origin of cyber weapons is difficult to determine due to attackers’ ability to disguise their identity. Determining the true source of an attack would enable defenders to develop diverse cybersecurity strategies in preparation for future attacks. Additionally, defenders could impose sanctions on the aggressors, thereby holding them accountable for their actions.
Park further elaborated on the importance of proactively gathering information on threat actors, stating that this could be used to employ the Defend Forward strategy. First introduced in the United States Department of Defense Cyber Strategy in 2018, Defend Forward aims to disrupt malicious activities at their earliest stages. “We could monitor the adversaries’ activities by breaking into their systems in advance. If there are any signs of malicious activity, we could identify them immediately and protect our systems,” said the CEO. “It is too late for defense after the bad actors have launched their attacks.”
Park highlighted the importance of building offensive capabilities as the core of a proactive defense strategy. He referenced South Korean President Yoon Suk-yeol, who in signing the guestbook during his visit to the country’s cyber command last year, wrote that “cyber warfare capability is the core of national security.” In February, the presidential office disclosed the national cybersecurity strategy, identifying the intensification of offensive capabilities to counter malicious activities as one of its three strategic objectives.
In particular, Park emphasized the development of domestic cyber weapons as a means to ensure timely and appropriate responses. “Due to political and diplomatic reasons, it is imprudent to purchase cyber weapons from foreign countries. Even if we succeed in acquiring them, there is still the possibility of hidden malicious software or monitoring systems unknown to the buyers,” said the CEO. “We need to build our own cyber weapons to respond effectively in critical situations.”
Related article: South Korea emphasizes importance of cybersecurity with information security day event
The South Korean government marked its 13th Information Security Day with a conference and celebration. The event brought together domestic and international cybersecurity leaders and experts for keynotes, awards, and speeches.
Every second Wednesday of July is designated as Information Security Day by the South Korean government. The 13th Information Security Day event was held in Seoul, South Korea, featuring keynotes from three cybersecurity leaders, a conference with ten security experts, and an exhibition showcasing 18 security companies.
The event was hosted by the Ministry of Science and ICT (MSIT), the Ministry of the Interior and Safety (MOIS), and the National Intelligence Service (NIS), entities responsible for ensuring South Korea’s security.
During the keynote, Dimitri Kusnezov, Under Secretary for Science and Technology at the United States Department of Homeland Security, expressed concern about the growing sophistication of current cyber technology. READ MORE
