The National Intelligence Service (NIS) of South Korea has assembled a joint incident response team comprising 46 public organizations to tackle cybersecurity concerns.
In a statement released on August 2, the NIS announced the launch of ‘Cyber 119,’ a joint team consisting of law enforcement agencies, local governments, and other organizations in critical infrastructure sectors across the nation. In South Korea, 119 is the emergency telephone number for calling the fire brigade or an ambulance, similar to how 911 is used in the United States.
Cyber 119 includes the Ministry of Science and ICT, the Prosecution Service, the Korean National Police Agency, Korea Electric Power Corporation, Korea Hydro & Nuclear Power, the Korea Internet & Security Agency, and 13 local government offices. These organizations are divided into five regions and have 130 cyber experts on board.
The joint team does not operate during peacetime. However, when a large-scale cyber incident occurs—such as telecommunication network outages or state-sponsored hacking attacks against multiple institutions—the NIS activates each region’s Cyber 119 team in collaboration with the National Cyber Risk Management Unit (NCRMU).
Cyber 119 is the result of months-long efforts to establish a nationwide incident response system that can act during the critical period immediately following disastrous incidents.
In November of last year, the South Korean government network suffered a massive breakdown, leading to severe disruptions across a range of public services. A support team from the NCRMU was sent to the affected sites to help restore services and determine the causes of the failure. Since then, the need for a rapid response system has grown increasingly clear from a national security standpoint.
“Cyber 119 is a nationwide council that unifies local cybersecurity councils,” said Shin Yong-seok, the Secretary to the President for Cybersecurity, in a statement. “It will enhance the nation’s capability to respond to cyber risks,” added Shin.
Yoon Oh-jun, the Third Deputy Director of the NIS, stated that the agency will fully support the joint team by refining the incident response system in the five regions.
Related article: South Korea’s government network collapsed for nearly 48 hours
South Korea experienced a massive breakdown in its government network for nearly two days, leaving citizens and public service workers on edge before its full restoration on Sunday evening.
On November 19, the Ministry of the Interior and Safety (MOIS) held a press briefing and announced that they have fully restored the government network. South Korea faced a sudden network outage in its system early last Friday. The network failure caused various disruptions in the operations of public service workers, as they were cut off from accessing the internal government network called the ‘Saeol.’ It also resulted in the breakdown of online services, which enable citizens to be issued public documents without submitting an application manually to government employees.
The MOIS stated that the failure stemmed from a malfunction in one of the network devices that supports the Saeol system. “We have looked thoroughly into all the information systems that are relevant to the Seoul system,” said Ko Ki-dong, the Vice Minister of the MOIS, while explaining their process of normalizing the government network. “We have found that there is a problem with a network device which operates as a part of an authentication system, and we replaced it early on Saturday morning.”
The South Korean government explained that further investigations must be undertaken to determine the cause of the disruption of the network devices. However, they denied claims suggesting that the massive failure was the result of a cyberattack. The government further stated that the problem was not caused by the use of outdated devices. The Readable reached out to the MOIS to ask the reason behind their decision to exclude the possibility of that the outage was the result of an attack by malicious actors. However, the government did not respond to comment. READ MORE