
Human and Institutional Capacity Building for Information Security


Academic year: 2021


(1)

2014. 10. 14

Wan S. Yi

VP, Ph.D., CISSP

Korea Internet & Security Agency


(2)

1. Need for Information Security

2. Current Status

3. Main Activities

4. Strategy for IS Capacity Building

(3)

Ⅰ. Need for Info. Sec.


(4)

Cyber crisis response cooperation system

Develop Master plan for Korean ICT

1994 Created Ministry of Information and Communication (MIC)

1995 Developed plan for high speed information communication network

Adopted Law

1996 Framework act on information promotion

Acquire Stable Budget

Dedicated Professional Agencies

KISA, KISDI, ETRI, NIPA, NIA

Public Outreach

(5)

Han River Miracle

[Chart: GDP per capita (current US$) by year, 1960 to 2011]

(6)
(7)
(8)
(9)
(10)

Within 60 years..

Korea’s GDP per capita exceeded $23,837 in 2013, compared with $155 in 1960

Korea marks..

33rd in Global GDP ranking (’13)

9th highest world’s trade volume (’13)

7th highest export volume (’13)

1st out of 193 countries in ICT Development Index rankings of ITU (’13)

1st out of 192 countries, in E-Government Development Rankings of UN (’14.6.)

(11)

[Chart: GDP ratio (2011) and GDP growth contribution (2012) by sector, unit: %. Sectors shown: Agr., Fishing; Chemical; Metal; ICT sector (Mfg. + Serv.); Auto. & Ship; Construction; Wholesale & Retail; Finance; Real estate & Renting; Business activity; Public admin. & Defence; Education; Health & Social work]

(12)

Ⅱ. Current Status


(13)

Current landscape of ICT

Rapidly expanding broadband

The ICT sector and the crisis

Business & Household adoption and use

Digital content

Government priorities

Internet of things

• 50 billion mobile wireless devices connected to Internet by 2020

• 700 million M2M enabled cars by 2020

(14)

Threats to Information Society

Cyber space is becoming increasingly crucial for the creation of broader societal benefits. However, these economic and social benefits might be put at risk by poor security, such as the growth in cyber crime or cyber attacks against Critical Information Infrastructures (CIIs).

CII sectors shown: Military, Energy, Transportation, Banking, E-Government, Information & Telecommunications, Health

(15)

Gaps in Information Security Capacity

• Source: Fighting to Close the Gap, Ernst & Young’s 2012 Global

(16)

Changes of Cybersecurity Threats

• Purpose: show-off → financial → cyber terrorism (social unrest)

• Technique: manual → stealth, automatic → organized and intelligent

• Target: individual system → large-scale, network → social infrastructure, state

Attack types shown: scanning; invasion trial; system infringement; DoS; service stop purposed DDoS attack; sophisticated malicious code; destruction of industry infrastructure

[Diagram: types of cyber attack plotted by professionality (Low to High) and scale of damage (Small scale to Large scale)]

Common cyber attack
• Curiosity
• Small monetary purpose
• Attack to unspecified objects for fun

Purposed cyber attack (professional hacker)
• Pursuit purposed monetary benefit

Strategic information war
• Hacktivism
• Sophisticated and continuous attack
• Cyber terror

Actor labels: employed hacker; national terrorism; common attack

As of now: social confusion, political purpose

(17)

Current Status – Examples of Cyber Attacks

[Timeline figure: the numbered incidents below plotted by year, 2003 to 2014]

No. | Date | Cyber Attack
1 | 2003. 1 | A computer virus shut down servers at the country's largest Internet service provider, KT Corp, disconnecting five million customers from the web
2 | 2005. 6 | 224,400 cases of ID theft were identified by NCSoft (online game company)
3 | 2008. 2 | 10.8 million cases of ID theft were identified by Auction Korea (online shopping company)
4 | 2009. 7 | The 7.7 DDoS attack on portal sites, online banks and government homepages in the US and South Korea occurred
5 | 2011. 9 | 35 million cases of ID theft were identified by SK Communications (portal site)
6 | 2013. 3 | Major television broadcasters and banks came under cyber attack (48,700 PCs, servers and ATMs were damaged)
7 | 2013. 6 | The websites of S. Korea’s presidential office, government agencies and some media organizations were attacked
8 | 2014. 1 | 85 million pieces of personal information from KB Card, NH Card and Lotte Card were disclosed
9 | 2014. 3 | 9.8 million pieces of personal information from KT were disclosed

(18)

Incidents in One Day [2013]

• Malicious codes appear: 6,617 (2,415,046/Y); ’12: 1,435, ↑ 361%. Source: KISA

• Mobile malicious codes appear: 2.4 (analyzed by KISA). Source: KISA

• Homepage defacement: 4.7 (17,00/Y); ’12: 8.7, ↓ 46%. Source: KISA

• Web-embedded malicious code: 48.6 (17,750/Y); ’12: 35.7, ↑ 36.1%. Source: KISA

• DDoS attack: 1.6 (users’ report: 53; KISA IX detection: 415; KISA cyber shelter: 116); ’12: 1.6, ↑ 6.7%. Source: KISA

• Phishing site: 21.9 (7,999/Y); ’12: 19, ↑ 15%. Source: KISA

• Spam: 59,830; ’12: 89,628, ↓ 33%. Source: KISA

• Zombie PC: 3,340 (1,240,906/Y); ’12: 8,821, ↓ 63%. Source: KISA Sinkhole

(19)

Cyber Incidences – Global Issue

Attack using highly organized scenario

• 22 government and corporate sites were attacked 3 times
• Money was not the objective
• Self-destructed so that the attack path could not be predicted

[Diagram: attack infrastructure. Labels shown:]

• Attacker
• Management Server (6 Nations, 9 Servers in US and Germany)
• Info. Store Server (59 Nations, 416 Servers)
• Attack command server (1 in US)
• Destroy zombie PC (6 Nations, 6 Servers in US etc.)
• Recollection Server (3 Nations, 3 Servers in Canada/Venezuela etc.)
• Malicious Code Distributer (6 sites): Pusan, Seoul, GuaChon, JinJu; Pusan Webhard Site; Seoul Webhard Site
• Attacked Site: total of 36 sites (Korea: 22, Global: 14)

Function labels: manage zombie PCs; store info. on zombie PCs; send DDoS attack command; erase HDD command

(20)

Ⅲ. Main Activities


(21)

K-Link Program

Purpose

Invite ICT policy makers and public officials

To share knowledge Korea has gained during development process

Subjects on mobile communication, information security, spectrum management, e-Government, transition to IPv6 and digital broadcasting, etc.

Programs

High-level official course: focused on ICT policy

Intensive course: 2 weeks, focused on one specific subject

Youth ICT course: offered to international students in Korea

Integrated course: consists of 3 different subjects

(22)

APISC Security Training Course

To learn and share experience on computer incidents prevention and response

5 days, mainly focus on the CSIRT establishment and operation

(23)

IS Experience Sharing Activity

Rwanda

MoU with Rwanda Gov. (RDB) on Information Security (July 2011)

Rwandan President Visit to KISA Situation Room (December 2011)

(24)

Cybersecurity Workshop

Costa Rica (Jan 2013)

Bangladesh (May 2013)

Indonesia (May 2013)

Uganda (July 2013)

Kenya (July 2013)

Thailand (Sept 2013)

Azerbaijan (Nov 2013)

Oman (Oct. 2013, April 2014)

Croatia (May 2014)

Belarus (May 2014)

Cambodia (Aug. 2014)

Mongolia (Sept. 2014)

Uzbekistan (Sept. 2014)

(25)

APCICT ICT Security Training

APCICT & the Union Civil Service Board (UCSB) of Myanmar jointly organized the National workshop on e-Government and Information Security & Privacy (May 2013, July 2014, Myanmar)

50 trainees from Myanmar government “Academy of ICT Essentials for Government Leaders”

Training on Module 6 provides an overview of the need for information security, major issues and trends, and the process of formulating an information security strategy, etc.

(26)

Knowledge Sharing Program(KSP)

Modularization of Information Security Activities

Main policies of information security

√ Policies and strategies

√ Information security laws & regulations

Main information security activities

√ Internet incident response, e-gov security, CIIP, PKI, ISMS, IS product evaluation, Privacy, etc.

Basic implementation activities

√ Education and training, R&D, awareness, partnership

Evaluation

√ Accomplishment and comparison

Implications

(27)

Knowledge Sharing Program

Cooperation with UAE ADSIC

ISMS Recommendation for UAE ADSIC

Capacity building plan for UAE Abu Dhabi

√ Framework for Information Security Workforce Development and Policy Development

√ Best practices in information security policy:

High level workforce development programs

Center for strategic & international studies policies

Homeland security policy

Information security education certification programs

(28)

Central American ICT Training Center

To increase broadband penetration rate and to support e-Government projects

Inaugurated on 9th June 2014 in Nicaragua

Training center for 7 Central American nations

(29)

Global Cybersecurity Center for Development(GCCD)

Bring together the extensive experience of Korea’s cybersecurity

Education & training for improvement of capability for IS

(30)

Ⅳ. Strategy for IS CB


(31)

Ecosystem for training Information Security workforce

[Diagram labels:]

Education institutions shown: Department of Information Security; Information security multidisciplinary major; Universities; Graduate schools; Reemployment and lifelong education; Liberal arts; Vocational High schools

(re)employment/supply of Information security workforce

Effective measurement of Information security education programs

Infrastructure for training workforce

Enhanced prediction of domestic supply and demand of Information security workforce

Establishment of Essential Body of Knowledge (EBK)

Expansion of the Information Security workforce demand structure

• Information security managers/CSO (planning/audit, etc.)
• Information security consultants (risk/assessment, etc.)
• Engineers (operation/development, etc.)

(32)

Internet Incident Response Technology Research Centers in colleges (40 Centers)

Smart Grid Security Center

BcN, Home Network, u-office wireless network, RFID/USN

Improvement of security processing speed

Regional Research Centers, which conduct information security research

Real-time intrusion prediction and early warning technology

IT system security level evaluation tools

USN security research

ITRC (IT Research Center) project (1998 ~)

RRC (Regional Research Center) project (1995 ~)

(33)

Objective : To foster 2,000 high-level information security experts customized to the needs of enterprises

Background : Industrial demand for high-level technology, education opportunities are provided to the frontline workforce with focus on practical skills

AKIS (Academy of Knowledge Information Security)

High demand for education; however, private educational institutions were not willing to provide them due to high initial investment costs

Subjects shown: Digital Forensics; Biometrics; RFID/USN Security; Information security consultants

(34)

Objective : To foster 300 high-caliber experts

Background : 2008 knowledge information security industry promotion plan

Consortium: Enterprises and Universities (Jointly Plan and Run the Curricula)

Master’s degree

(35)

Objective : To create jobs in the information security area and revitalize the information security industry

Consortium: Enterprises, Educational Institutions

Professional

The unemployed, the potential employees

(36)

Conclusion and Q&A
