• Review of KIISC
• /
• v.14 no.1
• /
• pp.107-122
• /
• 2004

세계 각 국은 산업 및 정보의 의존성에 의해 모든 정보를 한눈에 볼 수 있는 시대로 변모하였으며, 사이버 공간 그 자체가 정치, 경제사회, 문화 등의 기본적인 생활 공간으로 자리 매김하고 있다. 따라서 사이버 공간을 보호하지 않을 경우 안정된 정보사회 구축은 불가능하다. 특히, 정보보호의 대상이 특정 국가적인 정보 보안에 국한되지 않고 기업 및 사회의 정보 등으로 확대되고 있어, 국가적으로 국가 안보뿐만 아니라 개인의 정보보호를 위한 새로운 제도와 조치가 절실히 요구되는 시점이다. 따라서 본 고에서는 복합 기능을 갖는 정보보호 제품의 보호 프로파일 개발을 위한 기반 연구로 요구되는 대체 평가 방법론에 대해 고찰해 보고자한다. 특히 북미를 중심으로 표준화가 진행 중에 있는 CEM을 기준으로, 영국을 중심으로 유럽의 적합성 표준으로 추진 중에 있는 SCT와 ISO/IEC에서 제시되고 있는 적합성 테스트 방법론인 ISO/IEC 9496 및 보증 프레임워크인 ISO/IEC 15443에 대한 자체 취약성 분석을 수행하고 자각의 평가 방법론간의 상호 연관성과 비교 분석을 통해 복합 기능을 갖는 정보보호 제품의 보호 프로파일 개발의 가이드라인을 제시하고자 한다.

• Korean Security Journal
• /
• no.31
• /
• pp.157-185
• /
• 2012

Today, the emergence of cyberspace and advancement of globalization caused not only the transformation of our productive and conventional life but also the revolutionary transition of use of destructive violence such as crime and warfare. This transition of environmental condition connects various security threats which separatedly existed in individual, local, national, and global levels in the past, and transformed the mechanical sum of all levels of security threats into the organic sum of multi-dimensional security threats. This article proposes that the sum of multi-dimensional security threats is caused by the interconnectivity of various different levels of security threats and the integrated interdisciplinary perspective is essential to properly understand the fundamental existence of today's security problem and the reality of fear that we face today. The holistic security, the concept proposed here, is to suggest the mode of networked response to multi-dimensional security threats. The holistic security is suggested to overcome the conventional divisional approach based on the principle of "division of labor" and bureaucratic principles, which means more concretely that national security and criminal justice are divided and intelligence, military, police, prosecution, fire-fighting, private security, and etc. are strictly separated into its own expertise and turf. Also, this article introduces integrated security approaches tried by international organization and major countries overseas with the respect of the holistic security. The author have spent some substantial experience of participant observation, meetings, seminar, conference, and expert interviews regarding the issues discussed in the article in various countries including the United States, Russia, Austria, Germany, Canada, Mexico, Israel, and Uzbekistan for the last ten years. Intelligence and information on various levels of security threats and security approaches introduced in this paper is obtained from such opportunities.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.776-779
• /
• 2004

With the rapid progress of information technique, it is getting more difficult to protect information systems from cyber terrorism, because of bugs and vulnerabilities of software and the properties of cyberspace such as anonymity. furthermore cyber terror techniques are highly developed and complicated and their use for a malicious intent and a military purpose are increasing recently. Therefore a study of warfare attack technology on the cyber space is necessary for establishing trusted society and further national security. Specially, worms/viruses are becoming a more common occurrence on the cyber space. Also, The worm caused a great deal of damage to the large number of networks around the world in a very short period of time. Therefore, we will describe worms/viruses in the warfare attack technique in this paper.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.521-524
• /
• 2014

Because of the development of computers and networks, the use of the internet has been rapidly increased. The smart devices, such as smart phones and tablet PCs, have made an epoch-making changes, which have brought people's daily lives to the cyber world and life values have been improved. The cyber world not only just changed individual's lives, but also affected all areas and the world. The recent global trends reside mainly in protection of energy sources, and nation's dependency of the information system such as politic, economic and national security. Since major national infrastructure becomes a stragic attack target, the importance of cyber warfare has rised as an effective way to attact enermy. This article explores the concept of cyber warfare and national cyber capability, and then figure out the plan of reaction to minimize damages with best protection when cyber warfare occurs.

• Convergence Security Journal
• /
• v.20 no.5
• /
• pp.19-26
• /
• 2020

The purpose of this paper is to ccompare and analyze North Korean cyber attacks and our responses by government, from the Roh Moo-hyun administration to the Moon Jae-in administration. The current conflict of interests on the Korean peninsula, such as the United States, China, and Russia, is leading to a conflict for the leadership of a new world order in cyberspace. Cyber attacks are accelerating and threats are rising. Cyber threats exhibit several characteristics. Above all, it is difficult to identify or track the subject of the threat. Also, with the development of information and communication technology, attack technology has become more intelligent, and it is not easy to prepare a means to respond. Therefore, it is necessary to improve continuous and preemptive response capacity for national cybersecurity, and to establish governance among various actors, such as international cooperation between countries or private experts.

• KIPS Transactions on Computer and Communication Systems
• /
• v.11 no.10
• /
• pp.353-362
• /
• 2022

The Russian-Ukraine war is accompanied by a military armed conflict and cyberattacks are in progress. As Russia designated Korea as an unfriendly country, there is an urgent need to prepare countermeasures as the risk of cyberattacks on Korea has also increased. Accordingly, impact of 19 cyberattack cases were analyzed by their type, and characteristics and implications were derived by examining them from five perspectives, including resource mobilization and technological progress. Through this, a total of seven measures were suggested as countermeasures for the Korean government, including strengthening multilateral cooperation with value-sharing countries, securing cyberattack capabilities and strengthening defense systems, and preparing plans to connect with foreign security companies. The results of this study can be used to establish the Korean government's cybersecurity policy.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.15-24
• /
• 2020

Cyber terror and cyberwarfare are no longer virtual, but real, and as an actual security situation, it is necessary to have new understanding through expanding the concept of war to neutralize not only the other country's military command system, but also the country's main functions such as telecommunications, energy, finance, and transport systems, and it also needs to establish the future development strategy of cyber terror response at the national level. Through analysis of cyberwarfare trends in each country and current status of cyberwarfare in Korea, it will systematically explore the demand of new policy based on laws and systems, including the strategies of cyber security technology development, industry promotion, and manpower training and existing information protection policies. through this, it effectively manages a sustainable national crisis, and it suggests to establish a future strategy for the medium and long term cyber security that can effectively and actively respond to cyberwarfare.

• Korean Security Journal
• /
• no.18
• /
• pp.169-190
• /
• 2009

Today, the rapid advance of scientific technologies has brought about fundamental changes to the types and levels of terrorism while the war against the world more than one thousand small and big terrorists and crime organizations has already begun. A method highly likely to be employed by terrorist groups that are using 21st Century state of the art technology is cyber terrorism. In many instances, things that you could only imagine in reality could be made possible in the cyber space. An easy example would be to randomly alter a letter in the blood type of a terrorism subject in the health care data system, which could inflict harm to subjects and impact the overturning of the opponent's system or regime. The CIH Virus Crisis which occurred on April 26, 1999 had significant implications in various aspects. A virus program made of just a few lines by Taiwanese college students without any specific objective ended up spreading widely throughout the Internet, causing damage to 30,000 PCs in Korea and over 2 billion won in monetary damages in repairs and data recovery. Despite of such risks of cyber terrorism, a great number of Korean sites are employing loose security measures. In fact, there are many cases where a company with millions of subscribers has very slackened security systems. A nationwide preparation for cyber terrorism is called for. In this context, this research will analyze the current status of Korea's cyber security systems and its laws from a policy perspective, and move on to propose improvement strategies. This research suggests the following solutions. First, the National Cyber Security Management Act should be passed to have its effectiveness as the national cyber security management regulation. With the Act's establishment, a more efficient and proactive response to cyber security management will be made possible within a nationwide cyber security framework, and define its relationship with other related laws. The newly passed National Cyber Security Management Act will eliminate inefficiencies that are caused by functional redundancies dispersed across individual sectors in current legislation. Second, to ensure efficient nationwide cyber security management, national cyber security standards and models should be proposed; while at the same time a national cyber security management organizational structure should be established to implement national cyber security policies at each government-agencies and social-components. The National Cyber Security Center must serve as the comprehensive collection, analysis and processing point for national cyber crisis related information, oversee each government agency, and build collaborative relations with the private sector. Also, national and comprehensive response system in which both the private and public sectors participate should be set up, for advance detection and prevention of cyber crisis risks and for a consolidated and timely response using national resources in times of crisis.

• The Science & Technology
• /
• v.35 no.2 s.393
• /
• pp.45-74
• /
• 2002

[테러리즘 현황] - 현대사회 테러리스트 공격에 속수무책, 유형ㆍ시대따라 달라도 늘 빈틈노려 덮쳐/[무력테러] - 인터넷 등 첨단기술이용 무기 현지조달, 국가안보차원서 테러 대처능력 갖춰야/[생물테러] - 생명공학 접목ㆍ소량으로 대량살상 가능, 무미ㆍ무취에 은밀ㆍ잠재성 커 무기화 박차/[화학테러] - 1차 대전때 겨자가스공격 1백30만명 사상, 북한은 61년 김일성지시에 따라 5천톤 비축/[방사능테러] 원자력발전소 등 각종 핵시설 공격 목표, 한국은 북한의 핵위협 예방 종합대책 필요/[사이버테러] 마음만 먹으면 누구나 전산망 파괴 가능, 미래 전쟁은 네트워크 파괴가 성패 갈라

• Review of KIISC
• /
• v.25 no.6
• /
• pp.53-58
• /
• 2015

방산업체에 대한 해킹사고 및 방산기밀 유출을 예방하기 위한 보안활동은 방산업체뿐만 아니라 국가안보 차원에서도 매우 중요한 문제다. 반면, 방산업체 대상 보안지원활동은 조직 전체가 아닌 시설 및 정보시스템 중심으로 수행되고 있어 조직 전체적인 정보보호수준을 제고하고 사이버위협에 대한 대응능력을 확충하는데는 한계가 있다. 이에 본 논문에서는 방산업체의 보안수준을 근본적으로 향상시키기 위한 방안으로 대내 외에서 널리 활용되고 있는 ISMS 인증제도를 분석하고 이를 토대로 민간 ISMS에 기반한 방산업체 ISMS 적용방안을 제안한다.