11.15 Thu

Opinion

Prevention is the best medicine

Feb 09,2018
In Feb. 2016, the Polish Financial Supervision Authority discovered a malware related to a North Korean and cancelled the system’s online connection. North Korea is also said to be involved in withdrawal incidents at central banks in Mexico and Chile. North Korea suffered major financial damage as a result of international sanctions, and to make up for it, it is making money by hacking foreign financial institutions.

In 2014, the North Korean hackers’ unit Bureau 121 used infrastructure in a military district in Shenyang, China, to hack various Korean agencies such as the National Agricultural Cooperative Federation and the Korea Hydro and Nuclear Power Co. What’s most worrisome is that most new cyberpowers do not have organized military rules on cyberoperations, and operational control is handled at various levels, from the state head to the field commander.

The first step for security is to prepare for potential attacks and secure responsive and deterrence measures for accidents. It is important to have simulation training for typical penetration scenarios. Secondly, plans should be established to fight off actual attacks by organized, large-scale criminal groups. To counter advanced hacking groups, we need to consider adopting solutions with analysis and response capabilities based on security intelligence. Thirdly, as cyberattackers become more dangerous, security providers need to offer products that can establish comprehensive security systems rather than simple commercial products.

We should admit that conventional solutions are not sufficient against new types of cyberattacks and devise more evolved defense strategies.

Attackers may have already infiltrated the targeted system. It could take more than a year to track down those making cyberthreats. Even now, they could access government or corporate networks and steal datasets. Government and business networks that could be targets for North Korea must implement a system to trace and monitor attackers preemptively.

*CEO of FireEye Korea

Chun Soo-hong
All News