• Korean Security Journal
• /
• no.39
• /
• pp.319-353
• /
• 2014

Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.1167-1187
• /
• 2020

We are facing the situation where cyber threats such as hacking, malware, data leakage, and theft, become an important issue in the perspective of personal daily life, business, and national security. Although various efforts are being made to response to the cyber threats in the national and industrial sectors, the problems such as the industry-academia skill-gap, shortage of cybersecurity professionals are still serious. Thus, in order to overcome the skill-gap and shortage problems, we propose a Cybersecurity technical response Job Competency(CtrJC) framework by adopting the concept of cybersecurity personnel's job competency. As a sample use-case study, we implement the CtrJC against to personals who are charged in realtime cybersecurity response, which is an important job at the national and organization level, and verify the our framework's effects. We implement a sample model, which is a CtrJC against to realtime cyber threats (We call it as CtrJC-R), and study the verification and validation of the implemented model.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.521-524
• /
• 2014

Because of the development of computers and networks, the use of the internet has been rapidly increased. The smart devices, such as smart phones and tablet PCs, have made an epoch-making changes, which have brought people's daily lives to the cyber world and life values have been improved. The cyber world not only just changed individual's lives, but also affected all areas and the world. The recent global trends reside mainly in protection of energy sources, and nation's dependency of the information system such as politic, economic and national security. Since major national infrastructure becomes a stragic attack target, the importance of cyber warfare has rised as an effective way to attact enermy. This article explores the concept of cyber warfare and national cyber capability, and then figure out the plan of reaction to minimize damages with best protection when cyber warfare occurs.

• Review of KIISC
• /
• v.12 no.6
• /
• pp.54-57
• /
• 2002

인터넷 인구 2천 5백만, 초고속 전산망 가입자 1천만명을 돌파하고 사회전반의 정보시스템 의존도가 더욱 심화되고 있는 현시점에서 우리나라가 선진국 대열에 동참하기 위해서는 정보화 역기능에 대한 대비책 마련이 필수적인 요소이다. 특히 국가안보와 관련된 정보전과 사이버전, 사이버테러에 대한 개념을 정립하고 군 뿐만 아니라 범국가적 대응책을 마련하여야 한다. 전문인력 양성과 국민의식 홍보, 범국가적 협력체계 구축, 정보보호 시스템 구축 및 보안관리 강화등 기본적인 추진 방안을 제시하면서 이 분야 전문가 집단인 한국정보보호학회의 역할을 강조한다.

• Korean Security Journal
• /
• no.31
• /
• pp.157-185
• /
• 2012

Today, the emergence of cyberspace and advancement of globalization caused not only the transformation of our productive and conventional life but also the revolutionary transition of use of destructive violence such as crime and warfare. This transition of environmental condition connects various security threats which separatedly existed in individual, local, national, and global levels in the past, and transformed the mechanical sum of all levels of security threats into the organic sum of multi-dimensional security threats. This article proposes that the sum of multi-dimensional security threats is caused by the interconnectivity of various different levels of security threats and the integrated interdisciplinary perspective is essential to properly understand the fundamental existence of today's security problem and the reality of fear that we face today. The holistic security, the concept proposed here, is to suggest the mode of networked response to multi-dimensional security threats. The holistic security is suggested to overcome the conventional divisional approach based on the principle of "division of labor" and bureaucratic principles, which means more concretely that national security and criminal justice are divided and intelligence, military, police, prosecution, fire-fighting, private security, and etc. are strictly separated into its own expertise and turf. Also, this article introduces integrated security approaches tried by international organization and major countries overseas with the respect of the holistic security. The author have spent some substantial experience of participant observation, meetings, seminar, conference, and expert interviews regarding the issues discussed in the article in various countries including the United States, Russia, Austria, Germany, Canada, Mexico, Israel, and Uzbekistan for the last ten years. Intelligence and information on various levels of security threats and security approaches introduced in this paper is obtained from such opportunities.

• Korean Security Journal
• /
• no.42
• /
• pp.229-249
• /
• 2015

As the post-cold war era and globalization go on, national security problems which were not traditional national security problems such as terrorism, crime, environmental disasters, economic crises, cyber-terrorism, diseases, and energy problems threat humanity and nations and demands changes. Also, with the change, the concept of "big government" has emerged as the role of nation expanded. The modern society sees every country change from small government to big government in order to realize the establishment of welfare state. A comprehensive interpretation of security is needed in order to comprehensive protection of citizens beyond outside invasion such as crime, new disaster, terrorism. In Korea, incidents such as Cheonan-Ham, Yeonpeyong-Do, foot-and-mouth disease, Ddos terrorism, pirates hostages, mad cow disease, AI are happening and the humanitarian support for North Korea and the summit of South and North Korea are at a standstill. Also, National emergency management system, comprehensive emergency management center, countrol tower, national security system, cooperation with citizens, establishment of legal and institutional system are needed. The importance of this research is on the reestablishment of new national security and emergency management system according to the comparison between the national security and counter-terrorism system of Korea and that of the United States which is a leading country in this field. Also, the establishment of national emergency management act is needed as a statute for effective function as currently various laws and administrative organizations are dispersed.

• Convergence Security Journal
• /
• v.6 no.4
• /
• pp.141-151
• /
• 2006

The destructive power of cyber threat arrived to until the phase which it threatens to direct and seriously in national security undergoes an important national institutuin hacking event of 2004 and Internet paralysis accidents of 2003. 1. 25. So Cyber terror and Cyber warfare is not the hypothetical enemy situation. It is more actual security situation and identify as magnification of warfare concept of incapacitation national important ability include military command system of the adversary, communication, energy, finance and transportation system. consequently, with the progress of cyber threat, it is necessary that looking at a number of general plan to make up for the weak points in cyber warfare operation system. Thus, the focus of this study is to examine new ways of developing a comprehensive cyber security management system.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.15-24
• /
• 2020

Cyber terror and cyberwarfare are no longer virtual, but real, and as an actual security situation, it is necessary to have new understanding through expanding the concept of war to neutralize not only the other country's military command system, but also the country's main functions such as telecommunications, energy, finance, and transport systems, and it also needs to establish the future development strategy of cyber terror response at the national level. Through analysis of cyberwarfare trends in each country and current status of cyberwarfare in Korea, it will systematically explore the demand of new policy based on laws and systems, including the strategies of cyber security technology development, industry promotion, and manpower training and existing information protection policies. through this, it effectively manages a sustainable national crisis, and it suggests to establish a future strategy for the medium and long term cyber security that can effectively and actively respond to cyberwarfare.

• Proceedings of the Korea Water Resources Association Conference
• /
• 2023.05a
• /
• pp.14-14
• /
• 2023

산업발전에 따른 인구증가, 기후위기에 따른 가뭄 및 물 부족심화, 그리고 수질오염 등은 2015년 제79차 UN총회의 물 안보측면에서 국제사회의 물 분야 위기관리를 위해 2030년을 지속가능한 발전 목표(Sustainable Development Goals)로 하였다. 또한, 현재 물 산업은 빠르게 성장하고 있으며, 2016년 세계경제포럼(World Economic Forum) 의장 클라우스 슈밥(Klaus Schwab)부터 주창된 제4차 산업혁명로 인해 현재 물 산업의 패러다임 또한 급속히 변화하고 있다. 이는 컴퓨터를 기반으로 하는 CPS(Cyber Physical System) 및 DT(Digital Twin) 연계 분석방식의 혁신을 일컫는다. 2002년경에 DT의 기본개념이 제시되었고, 2006년경에는 Embedded System에서의 DT와 같은 개념으로 CPS의 용어가 등장했다. DT는 현실세계에 존재하는 사물, 시스템, 환경 등을 S/W시스템의 가상공간에 동일하게 모사(Virtualization) 및 모의(Simulation)할 수 있도록 하고, 모의결과를 가상시스템으로 현실세계를 최적화 체계 구현 기술을 말한다. DT의 6가지 기능은 ① 실제 데이터(Live Data), ② 모사, ③ 분석정보(Analytics), ④ 모의, ⑤ 예측(Predictions), ⑥ 자동화(Automation) 이다. 또한, CPS는 대규모 센서 및 액추에이터(Actuator)를 가지는 물리적 요소와 이를 실시간으로 제어하는 컴퓨팅 요소가 결합된 복합시스템을 말한다. CPS는 물리세계에서 발생하는 변화를 감지할 수 있는 다양한 센서를 통해 환경인지 기능을 수행한다. 센서로부터 수집된 정보와 물리세계를 재현 및 투영하는 고도화된 시스템 모델들을 기반으로 사이버 물리공간을 인지·분석·예측할 수 있다. CPS의 6가지 구성요소는 ① 상호 운용성(Interoperability), ② 가상화(Virtualization), ③ 분산화(Decentralization), ④ 실시간(Real-time Capability), ⑤ 서비스 오리엔테이션(Service Orientation), ⑥ 모듈화(Modularity)이다. DT와 CPS는 본질적으로 같은 목적, 내용, 그리고 결과를 만들어내고자 하는 같은 종류의 기술이라고 할 수 있다. CPS 및 DT는 물리세계에서 발생하는 변화를 감지할 수 있으며, 토양-지하수 센서를 포함한 관측기술을 통해 환경인지 기능을 수행한다. 지하수 관측기술로부터 수집된 정보와 물리세계를 재현 및 투영하는 고도화된 시스템 모델들을 기반으로 사이버 물리공간 및 디지털 트윈 공간을 인지·분석·예측할 수 있다. CPS 및 DT의 기본 요소들을 실현시키는 것은 양질의 데이터를 모니터링할 수 있는 정확하고 정밀한 1차원 연직 프로파일링 관측기술이며, 이를 토대로 한 수자원 관련 빅데이터의 증가, 빅데이터의 저장과 분석을 가능하게 하는 플랫폼의 개발이다. 본 연구는 CPS 및 DT 기반 토양수분-지하수 관측기술을 이용한 지표수-지하수 연계, 지하수 순환 및 관리, 정수 운영 및 진단프로그램 개발을 위한 토양수분-지하수 관측장치를 지하수 플랫폼 동시성과 디지털 트윈 시뮬레이터 시스템 개발 방향으로 제시하고자 한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2022.05a
• /
• pp.358-360
• /
• 2022

Modern society is developing rapidly and technologies that provide convenience in living are developing day by day. On the other hand, the development of cyber attacks that threaten cybersecurity is developing faster, and it still adversely affects the industrial environment, and industrial damage is steadily occurring every year. Industrial security is an activity that safely protects major assets or technologies of companies and organizations from these attacks. Therefore, it is a situation that requires professional manpower for security. Currently, the manpower situation for security is staffed, but knowledge of the understanding and concept of industrial security jobs is insufficient. In other words, there is a lack of professional manpower for industrial security. It is the NCS that came out to solve this problem. NCS is the state standardized ability (knowledge, attitude, skills, etc.) necessary to perform duties in the industrial field. NCS can systematically design the curriculum using NCS as well as help in hiring personnel, and NCS can be applied to the national qualification system. However, in the field of industrial security, NCS has not yet been developed and is still having difficulties in hiring personnel and curriculum. Although the NCS system in the field of industrial security has not been developed, this paper proposes the industrial security NCS to solve the problem of hiring professionals later and to help the field of industrial security NCS to be established later.