• Title/Summary/Keyword: cyberattacks

Search Result 69, Processing Time 0.027 seconds

A Study on the Change of Cyber Attacks in North Korea (북한의 사이버 공격 변화 양상에 대한 연구)

  • Chanyoung Park;Hyeonsik Kim
    • The Journal of the Convergence on Culture Technology
    • /
    • v.10 no.4
    • /
    • pp.175-181
    • /
    • 2024
  • The U.N. Security Council's North Korea Sanctions Committee estimated that the amount of North Korea's cyberattacks on virtual asset-related companies from 2017 to 2023 was about 4 trillion won. North Korea's cyberattacks have secured funds through cryptocurrency hacking as it has been restricted from securing foreign currency due to economic sanctions by the international community, and it also shows the form of technology theft against defense companies, and illegal assets are being used to maintain the Kim Jong-un regime and develop nuclear and missile development. When North Korea conducted its sixth nuclear test on September 3, 2017, and declared the completion of its national nuclear armament following the launch of an intercontinental ballistic missile on November 29 of the same year, the U.N. imposed sanctions on North Korea, which are considered the strongest economic sanctions in history. In these difficult economic situations, North Korea tried to overcome the crisis through cyberattacks, but as a result of analyzing the changes through the North's cyber attack cases, the strategic goal from the first period from 2009 to 2016 was to verify and show off North Korea's cyber capabilities through the neutralization of the national network and the takeover of information, and was seen as an intention to create social chaos in South Korea. When foreign currency earnings were limited due to sanctions against North Korea in 2016, the second stage seized virtual currency and secured funds to maintain the Kim Jong-un regime and advance nuclear and missile development. The third stage is a technology hacking of domestic and foreign defense companies, focusing on taking over key technologies to achieve the five strategic weapons tasks proposed by Chairman Kim Jong-un at the 8th Party Congress in 2021. At the national level, security measures for private companies as well as state agencies should be established against North Korea's cyberattacks, and measures for legal systems, technical problems, and budgets related to science are urgently needed. It is also necessary to establish a system and manpower to respond to the ever-developing cyberattacks by focusing on cultivating and securing professional manpower such as white hackers.

Market in Medical Devices of Blockchain-Based IoT and Recent Cyberattacks

  • Shih-Shuan WANG;Hung-Pu (Hong-fu) CHOU;Aleksander IZEMSKI ;Alexandru DINU;Eugen-Silviu VRAJITORU;Zsolt TOTH;Mircea BOSCOIANU
    • Korean Journal of Artificial Intelligence
    • /
    • v.11 no.2
    • /
    • pp.39-44
    • /
    • 2023
  • The creativity of thesis is that the significance of cyber security challenges in blockchain. The variety of enterprises, including those in the medical market, are the targets of cyberattacks. Hospitals and clinics are only two examples of medical facilities that are easy targets for cybercriminals, along with IoT-based medical devices like pacemakers. Cyberattacks in the medical field not only put patients' lives in danger but also have the potential to expose private and sensitive information. Reviewing and looking at the present and historical flaws and vulnerabilities in the blockchain-based IoT and medical institutions' equipment is crucial as they are sensitive, relevant, and of a medical character. This study aims to investigate recent and current weaknesses in medical equipment, of blockchain-based IoT, and institutions. Medical security systems are becoming increasingly crucial in blockchain-based IoT medical devices and digital adoption more broadly. It is gaining importance as a standalone medical device. Currently the use of software in medical market is growing exponentially and many countries have already set guidelines for quality control. The achievements of the thesis are medical equipment of blockchain-based IoT no longer exist in a vacuum, thanks to technical improvements and the emergence of electronic health records (EHRs). Increased EHR use among providers, as well as the demand for integration and connection technologies to improve clinical workflow, patient care solutions, and overall hospital operations, will fuel significant growth in the blockchain-based IoT market for linked medical devices. The need for blockchain technology and IoT-based medical device to enhance their health IT infrastructure and design and development techniques will only get louder in the future. Blockchain technology will be essential in the future of cybersecurity, because blockchain technology can be significantly improved with the cybersecurity adoption of IoT devices, i.e., via remote monitoring, reducing waiting time for emergency rooms, track assets, etc. This paper sheds the light on the benefits of the blockchain-based IoT market.

Study on Policies for National Cybersecurity (국가 사이버안보를 위한 정책 연구)

  • Ham, Seung-hyeon;Park, Dea-woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.9
    • /
    • pp.1666-1673
    • /
    • 2017
  • Republic of Korea is divided into South Korea and North Korea, creating military conflicts and social conflicts. North Korea is conducting cyberattacks against South Korea and has hacked South Korea's defense network. In the world of cyberspace, the boundaries of the borders are becoming obscured, and cyberattacks and cyberterrorism for cyberwarfare operate with digital computing connected to points, time and space. Agenda and manual are needed for national cybersecurity. Also, it is necessary to study national cybersecurity laws and policies that can create and implement nationalcyber security policy. This paper investigates cyberterrorism situation in North and South Korean confrontation situation and damage to cyberwarfare in the world. We also study cybersecurity activities and cyberwarfare response agendas, manuals and new technologies at home and abroad. And propose national cybersecurity policy and propose policies so that '(tentative) The National Cybersecurity Law' is established. This study will be used as basic data of national cybersecurity law and policy.

A Study on Maturity Model for the Assessment of Cyber Resilience Level in the Defence Information System (국방정보시스템 사이버복원력 수준 평가를 위한 성숙도모델에 관한 연구)

  • Choi, Jae-hyeok;Kim, Wan-ju;Lim, Jae-sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.5
    • /
    • pp.1153-1165
    • /
    • 2019
  • Recently, threats of hacking have been increasing on the national intelligence service network and key infrastructure, including the defense field. The defense information system responds to threats from the outside through the network separation, but if the defense information system is hacked, it has a serious impact on the operations of wartime or peacetime military forces. Today, cyberattacks and threats are rising to unpredictable levels and making it practically impossible to completely block and prevent hacking threats completly. So, in this study proposed a maturity model to assess the level of cyber-resilience, which is the ability to ensure the system's viability and maintain continuity through rapid response and recovery if signs of cyberattacks by the defense information system are expected or occurred. The proposed maturity model is expected to contribute to improving the cyber security level of the defense information system by assessing the level of cyber resilience of the defense information system and identifying and supplementing fields that are lacking.

A Study on Korea's Countermeasures Through the Analysis of Cyberattack Cases in the Russia-Ukraine War (러시아-우크라이나 전쟁에서의 사이버공격 사례 분석을 통한 한국의 대응 방안에 관한 연구)

  • Lee, Hyungdong;Yoon, Joonhee;Lee, Doeggyu;Shin, Yongtae
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.10
    • /
    • pp.353-362
    • /
    • 2022
  • The Russian-Ukraine war is accompanied by a military armed conflict and cyberattacks are in progress. As Russia designated Korea as an unfriendly country, there is an urgent need to prepare countermeasures as the risk of cyberattacks on Korea has also increased. Accordingly, impact of 19 cyberattack cases were analyzed by their type, and characteristics and implications were derived by examining them from five perspectives, including resource mobilization and technological progress. Through this, a total of seven measures were suggested as countermeasures for the Korean government, including strengthening multilateral cooperation with value-sharing countries, securing cyberattack capabilities and strengthening defense systems, and preparing plans to connect with foreign security companies. The results of this study can be used to establish the Korean government's cybersecurity policy.

Integrated Ship Cybersecurity Management as a Part of Maritime Safety and Security System

  • Melnyk, Oleksiy;Onyshchenko, Svitlana;Pavlova, Nataliia;Kravchenko, Oleksandra;Borovyk, Svitlana
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.3
    • /
    • pp.135-140
    • /
    • 2022
  • Scientific and technological progress is also fundamental to the evolving merchant shipping industry, both in terms of the size and speed of modern ships and in the level of their technical capabilities. While the freight performance of ships is growing, the number of crew on board is steadily decreasing, as more work processes are being automated through the implementation of information technologies, including ship management systems. Although there have been repeated appeals from international maritime organizations to focus on building effective maritime security defenses against cyber attacks, the problems have remained unresolved. Owners of shipping companies do not disclose information about cyberattack attempts or incidents against them due to fear of commercial losses or consequences, such as loss of image, customer and insurance claims, and investigations by independent international organizations and government agencies. Issues of cybersecurity of control systems in the world today have gained importance, due to the fact that existing threats concern not only the security of technical means and devices, but also issues of environmental safety and safety of life at sea. The article examines the implementation of cyber risk management in the shipping industry, providing recommendations for the safe ship operation and its systems in order to improve vulnerability to external threats related to cyberattacks, and to ensure the safety and security of such a technical object as a seagoing ship.

A Study on the Improvement of Cybersecurity Training System in Nuclear Facilities (원자력 시설 사이버보안 훈련체계 개선 방안 연구)

  • Kim, Hyun-hee;Lee, Daesung
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2022.05a
    • /
    • pp.187-188
    • /
    • 2022
  • As information processing technology develops with the trend of the times, the possibility of cyber threats to nuclear facilities is increasing. In the 2000s, there was a growing perception that cyberattacks on nuclear facilities were needed, and in fact, a cybersecurity regulatory system for nuclear power plants began to be established to prepare for cyberattacks. In Korea, in order to prepare for cyber threats, in 2013 and 2014, the Act on Protection and Radiation Disaster Prevention, Enforcement Decree, and Enforcement Rules of Nuclear Facilities, etc., and notices related to the Radioactive Disaster Prevention Act were revised. In 2015, domestic nuclear operators prepared information system security regulations for each facility in accordance with the revised laws and received approval from the Nuclear Safety Commission for implementation of information system security regulations divided into seven stages. In 2019, a special inspection for step-by-step implementation was completed, and since 2019, the cybersecurity system of operators has been continuously inspected through regular inspections. In this paper, we present some measures to build improved training to suit the steadily revised inspection of the nuclear facility cybersecurity system to counter cyber threats to the ever-evolving nuclear facilities.

  • PDF

A Steganography-Based Covert Communication Method in Roblox Metaverse Environment (로블록스 메타버스 환경에서의스테가노그래피기반은닉통신기법)

  • Dokyung Yun;Youngho Cho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.1
    • /
    • pp.45-50
    • /
    • 2023
  • Roblox, the world's No. 1 metaverse platform, has more than 3 billion subscription accounts and more than 150 millionmonthly active users (MAU). Despite such high interest in metaverse, existing studies on analyzing the risk of cyberattacks and security in the metaverse environment is insufficient. Therefore, in this paper, we propose a new steganography-basedcovert communication method in Roblox. In our proposed method, a secret message is hidden into an image by using a function provided in the Roblox Experience environment and then the image is automatically stored in the RobloxExperience participants' devices (PC or Smartphone) so that a malicious software can extract the hidden message fromthe image. By our experiments in the Roblox metaverse environment, we validated our proposed method works and thus want to inform our proposed method can be used in various cyberattacks and crimes such as the spread of secret commands, the establishment of a steganography botnet, and the mass distribution of malicious malware in metaverse platforms.

A Study on the Utilization of Artificial Intelligence-Based Infringement Analysis Tools (인공지능 기반 침해분석 도구 활용에 관한 연구)

  • Yang Hwan Seok
    • Convergence Security Journal
    • /
    • v.24 no.2
    • /
    • pp.3-8
    • /
    • 2024
  • Recently, in order to build a cyber threats have increased in number and complexity. These threats increase the risk of using personally owned devices for work. This research addresses how to utilize an AI-enabled breach analysis tool. To this end, we developed and proposed the feasibility of using an AI-based breach analysis tool that reduces the workload of analysts and improves analysis efficiency through automated analysis processes. This allows analysts to focus on more important tasks. The purpose of this research is to propose the development and utilization of an AI-based breach analysis tool. We propose a new research direction in the field of breach analysis and suggest that automated tools should be improved in performance, coverage, and ease of use to enable organizations to respond to cyberattacks more effectively. As a research method, we developed a breach analysis tool using A.I. technology and studied various use cases. We also evaluated the performance, coverage, and ease of use of automated tools, and conducted research on predicting and preventing breaches and automatically responding to them. As a result, this research will serve as a foundation for the development and utilization of AI-based breach analysis tools, which can be used to respond to cyberattacks more effectively through experiments.

Technological Trends in Cyber Attack Simulations (사이버 공격 시뮬레이션 기술 동향)

  • Lee, J.Y.;Moon, D.S.;Kim, I.K.
    • Electronics and Telecommunications Trends
    • /
    • v.35 no.1
    • /
    • pp.34-48
    • /
    • 2020
  • Currently, cybersecurity technologies are primarily focused on defenses that detect and prevent cyberattacks. However, it is more important to regularly validate an organization's security posture in order to strengthen its cybersecurity defenses, as the IT environment becomes complex and dynamic. Cyberattack simulation technologies not only enable the discovery of software vulnerabilities but also aid in conducting security assessments of the entire network. They can help defenders maintain a fundamental level of security assurance and gain control over their security posture. The technology is gradually shifting to intelligent and autonomous platforms. This paper examines the trends and prospects of cyberattack simulation technologies that are evolving according to these requirements.