Cybersecurity News that Matters

Cybersecurity News that Matters

South Korea to enhance offensive cybersecurity, boosting attribution capabilities

Illustration by Areum Hwang, The Readable

by Dain Oh

Sep. 02, 2024
11:58 PM GMT+9

Following an earlier announcement from South Korea’s National Security Office outlining its National Cybersecurity Strategy, the office has now unveiled a more detailed implementation plan that aligns with President Yoon Suk-yeol’s specific goals for enhancing the nation’s offensive cybersecurity preparedness.

The new plan clearly states that South Korea will strengthen its offensive cyber defense capabilities and concentrate on tracking threat actors to their operational bases, including their infrastructure.

On Sunday, the Office of National Security, which serves as a national cybersecurity control hub for the President, publicly unveiled the National Cybersecurity Master Plan. The complete document was also released by South Korea’s National Cyber Security Center (NCSC), an organization comparable to the United Kingdom’s Government Communications Headquarters (GCHQ).

Last February, the Yoon Suk-yeol administration outlined its vision for national cybersecurity, emphasizing the importance of freedom, human rights, and the rule of law in cyberspace. The National Cybersecurity Strategy set three main goals: enhancing offensive cybersecurity capabilities, expanding global leadership, and building cyber resilience. The document also identified five strategic challenges, including the establishment of a global cyber cooperation system.

“The organizations involved in national defense and intelligence must shift to a proactive approach to identify, investigate, and prevent malicious activities, including those originating from North Korea,” the office stated.

The plan acknowledged the extensive efforts needed to establish effective offensive defense systems, including the development of legal frameworks, operational capabilities, and international cooperation.

According to the plan, the South Korean government will establish a national threat database that integrates both domestic and international intelligence to improve the accuracy of cyberattack attribution. Procedures and standards for attribution will be developed to facilitate faster international cooperation. Additionally, technologies to track malicious actors in cyberspace, including state-sponsored hackers, will be actively pursued and developed.

South Korean President Yoon Suk-yeol is speaking at the International Symposium on Cybercrime Response which was held in Seoul on August 27. Source: Office of the President of the Republic of Korea

According to sources familiar with the matter, offensive cybersecurity has been a central focus of the Yoon Suk-yeol administration’s national security agenda.

For example, Park Chan-am, CEO of the South Korean cybersecurity firm STEALIEN and one of the most famous white hackers in the nation, delivered a keynote address at the nation’s 13th Information Security Day Celebration in July. He emphasized the importance of offensive capabilities in defending against cyber threats. According to Park, accurately identifying the source of an attack allows defenders to craft varied cybersecurity strategies in anticipation of future threats. Additionally, it enables defenders to impose sanctions on the aggressors, holding them accountable for their actions.

Park elaborated on the significance of proactively gathering information on threat actors, which can be utilized to implement the Defend Forward strategy. First introduced in the U.S. Department of Defense Cyber Strategy in 2018, Defend Forward aims to disrupt malicious activities at their earliest stages. “By infiltrating adversaries’ systems in advance, we can monitor their activities and promptly identify any signs of malicious intent, thereby protecting our own systems,” said Park. “Waiting until after the attack has been launched is too late for effective defense,” he added.

Moreover, the new implementation plan underscored the need to address disinformation, which “divides the nation and creates societal chaos,” according to the office.

“North Korea’s cyber propaganda has been evolving in numerous ways, necessitating a strong response from our nation,” stated the office. “While urging portal and platform providers to strengthen voluntary measures against disinformation, the government plans to revise legislation to better address information operations conducted by foreign entities.”


Related article: New cybersecurity association aims to bolster South Korea’s legislative framework

On Monday, cybersecurity experts from both the public and private sectors gathered to commemorate the establishment of a new association dedicated to assisting South Korean lawmakers in drafting legislation pertinent to the cybersecurity field.

During the inaugural general meeting held at the National Assembly Member’s Office Building, Jeong Kyeong-doo, the president of the National Cyber Security Laboratory (NCSL), noted a global lack of interest in recognizing and addressing cyber threats. In his opening remarks, Jeong stated, “The whole world is focusing on developing countermeasures against military conflicts that are visible to the naked eye, those that happen on physical battlefields. The devastating reality is that the severity of conflicts in cyberspace, where wars rage unseen, is not being adequately acknowledged.” READ MORE

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Dain Oh
    : Author

    Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expe...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights