Challenges in Korea. Jinhyun. CHO. Senior Researcher. Korea Internet and Security Agency. Short Intro. . To KISA. Security Incident Prevention and Response. . : 24/7 Situation Room to Respond Security Incidents. ID: 487962 Download Presentation
Challenges in Korea. Jinhyun. CHO. Senior Researcher. Korea Internet and Security Agency. Short Intro. . To KISA. Security Incident Prevention and Response. . : 24/7 Situation Room to Respond Security Incidents.
Download Presentation - The PPT/PDF document "Cyber Security and Data Protection" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Presentation on theme: "Cyber Security and Data Protection"— Presentation transcript:
Slide1
Cyber Security and Data Protection Challenges in Korea
Jinhyun
CHO
Senior Researcher
Korea Internet and Security Agency
Slide2
Short Intro. To KISA
Security Incident Prevention and Response
: 24/7 Situation Room to Respond Security Incidents : Incident Handling including Mobile/e-mail SPAM Privacy Protection : PI Breach Reporting and Consultation : Removal of PI exposed on Websites
Information Security
Internet Promotion
Creating a Healthy Internet Culture
: Customized Internet Ethics Education Promoting Internet Business : Finding and Supporting New Quality Ventures Managing Internet Address Resources : Managing .kr domains(.kr registry)
Supporting Foreign Expansion of
ICT Businesses : Export Counselling, SME ConsultingCooperation with International Organizations : OECD, World Bank : Cyberspace Conference(2013), ITU PP(2014)
Int’l Cooperation
Policy Research and Survey Analysis
: Internet Issue Research and National ICT Statistics Supporting Improvement of ICT Legal Frameworks : Supporting the Enactment of New Act like Cloud Act : Analyzing and Researching Emerging Legal Issues
Policy Research
Slide3
Cyber Terror on Broadcasting Stations and Banks
Coordinated Attack with H-Hour : 14:00(GMT+9) Service Disruption : 3 BS and 2 Banks Affected More than 40,000 computers Destroyed (HDD Erased) Clients, Servers, and even ATMs Infected with Malware Malware Distribution Path : Vaccine Update Server Improper Security Management : Serious Security Holes
Web Defacement : Blue House and 43 Private Web DDoS on Integrated Government Infrastructure Destruction of Computers in Mass Media Companies Coordinated and Sophisticated Attack Attack Scale & Methods ( Web Hard Client Program ) Attribution : Who is Behind the Attack?
June 25 Cyber Attack
I. Major Security Incidents in 2013
Slide6
II. Major PI Breaches in 2014
More than 100 Mil. Card holders’ PI Leaked
K CCV : 53 Mil., L CCV : 26 Mil., N CCV : 25 Mil. Including RRN, Address, Financial Status, and etc. Internal Employee of Credit Rating Company Involved Counterfeit Prevention System Development Program PI Leaked with USB Thumb Drive (No Policy or Encryption) Leaked to Loan Advertisers and Loan Brokers Serious Financial and Legal Threats to Credit Card Vendors?
From Credit Card Vendors
Slide7
12Mil PI Leaked through Homepage Hacking
Brutal Force Attack with Billing Information Sophisticated Hacking Vs. Trial and Error (?) Security Policy for Multiple Attempts from One IP(?) Leaked PI used to Advertise and Sell Mobile Phones Customized Information for Those Who Need a New Phone 3 or 4 Phones Sold to Over 150 Phones Sold After Breach Similar Incident Occurred 2 years ago
From Mobile Service Provider
II. Major PI Breaches in 2014
Slide8
III. Response from Government
Nat’l Cybersecurity Comprehensive Countermeasures
BH takes the Lead in Major Cybersecurity Incidents
NIS : Working-level Coordinator
MND for Military Sector and MSIP for Private Sector
