What should South Korea do to prevent future cyber attacks?

Globalization has united the world.  But it has also made it vulnerable to cross-border crimes such as cyber attacks at the hands of the hackers without having them to cross any border.

To combat future cyber attacks, South Korea must use its intelligence to gather, analyze, and process information on these attacks.  The policy makers should then use the processed intelligence to craft anti-cyber attack policies to protect its citizens and national security.  To do so, South Korean policy makers first may need to examine the following issues: a) How should intelligence factor into South Korea’s policy decisions?  b) What intelligence do the policy makers of South Korea would like to have?  c) How the intelligence would be obtained?

The cyber attacks

In April 2011, a computer virus attacked 10 servers of South Korea’s agricultural cooperative known as Nonghyup, affecting 30 million users.  They could not use ATMs and online services.  On July 4, 2009 another malicious software virus attacked South Korea government websites through a “denial of service” scheme.  Furthermore, the attack affected several U.S. government websites.

South Korean authorities believe North Korea is responsible for these cyber attacks.  But they do not have evidence to support their claim so far.

Experts call these cyber attacks asymmetric threats where weaker countries “inflict damage on a richer, more developed rival.”  The asymmetric attacks are becoming effective mechanism of creating terror and launching cyber attacks which are generally designed to cripple critical infrastructure such as power grid, financial, and security networks in a cyber warfare by the weaker states that cannot match their economic and military capabilities with the powerful and richer countries.  Globalization, technology, and reduced cost of hardware and software have made it even easier to launch cyber attacks.

How should intelligence factor into South Korea’s policy decisions?

The intelligence should provide South Korean policy makers a guidance to craft policies to combat future cyber attacks against its computer networks.  The intelligence on the source of the malicious software should enable South Korea to examine its diplomatic relationship with North Korea, which, for example, could prevent any unprovoked military engagements from the North.  The two nations, South Korea and North Korea, are technically still at war.  Given the erratic nature of North Korean government, it is imperative for South Korean leaders to deal not only cautiously but also delicately with their North counterparts over the issue of the cyber attacks.  Blaming the North Koreans without hard evidence could provoke them to take retaliatory actions against South Korea.  But on the other hand, the North Koreans are desperate for economic lifeline to stave off famine and food shortages.  The North Koreans cannot rely on China for its economic and political lifelines for too long because China has to balance its political and economic leverages by strengthening its ties with the U.S.  Therefore, tactfully crafted diplomatic solutions could stabilize and improve the relationship between South Korea and North Korea.  Finally, the intelligence could become a platform for building a coordinated computer network defense system with its allies against cyber attacks.  The cyber attacks are global security issue.  To ensure safety of the citizens and national security, allied countries like South Korea and the U.S. must act bilaterally to put up defenses against cyber attacks.

What intelligence do the policy makers of South Korea would like to have?

First, the South Korean policy makers must identify the source of the virus.  The South Korean authorities do not have any proof where the attacks came from.   Second, the policy makers need to identify the vulnerable sources of South Korean computer networks.  For example, computer passwords in various financial sectors are generally considered to be “weak” in South Korea.  Strong passwords not only provide safety and security, but they also promote best practices against computer theft.  Finally, the security of the South Korean peer-to-peer file-sharing systems need be examined.  Known as P2P networking, the peer-to-peer file sharing systems are the backbone of retail and financial businesses in South Korea.  In a country where 95% of the entire population is wired to broadband internet connections, the highest in the world, policy makers must find out about the weak areas in the P2P network system.  But the intelligence on the deficiencies of P2P system alone may not be enough.  It must be aligned with policy, public education, and improved technological infrastructure.

How the intelligence should be obtained?

The South Korea policy makers should gather intelligence about the cyber attacks from Cyber Warfare Command and Cyber Terror Response Center.  Both of these are South Korean intelligence agencies.  Additionally, the intelligence must be gathered through a network of international communities dedicated to prevent cyber attacks.  For example, developed countries like the U.S., Canada, New Zealand, UK, and Germany must forge a global partnership with emerging countries like India, China, Indonesia, and Philippines to build cyber network defense systems against cyber attacks.

To prevent any further damaging cyber attacks, South Korean policy makers must work closely with their intelligence community to build sustained and effective policies against cyber attacks.  In doing so, South Korea must rely on its allies and their resources to build a robust network defense system.  The intelligence officials and lawmakers in South Korea must forge a partnership to deal with an issue that has far extended beyond its geographic borders by implementing a timely bout of diplomatic efforts and social reforms.