• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.14 no.2
• /
• pp.1-10
• /
• 2014

In this study, I analyzed the increased threat of cyber warfare and the threat of reality about what is happening around the currently. And to prepare for it, I proposed the fact how main developed countries deal with cyber warfare. Also, I presented North Korea's cyber warfare threat which is equipped with world's top 3 cyber warfare performance and the way how their strategy influence to South Korea's national security. Moreever, I studied the existing North Korea's cyber warfare threat and the way how, how South Korea deal with it and prepare to against expected threat of cyber warfare in future.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.77-83
• /
• 2013

As the network composed of numerous sensor nodes, sensor network conducts the function of sensing the surrounding information by sensor and of the sensed information. The concept of the battlefield is also changing to one that includes not only physical spaces but all areas including the networks of the nation's key industries and military facilities, energy facilities, transportation, and communication networks. In light of the changing warfare in terms of how it is conducted and what form it takes, the Korea military has to seek ways to effectively respond to threats of cyber warfare. In the past, although partial strategies on cyber warfare were studied, no research was done through the overall system flow. In this paper, key variables related to cyber warfare security are classified into personnel, management, and technology. A simple model and an extended model are suggested for each area, and based on the technology area of the extended model, formal methods are used to verify the validity and a detailed response strategy is suggested according to the identified leverage.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.8
• /
• pp.31-37
• /
• 2020

In this paper, we propose a system architecture and methodology based on cyber kill chain and MITRE ATT&CK for experiment analysis on cyber warfare simulation. Threat analysis is possible by applying various attacks that have actually occurred with continuous updates to reflect newly emerging attacks. In terms of cyber attack and defense, the current system(AS-IS) and the new system(TO-BE) are analyzed for effectiveness and quantitative results are presented. It can be used to establish proactive cyber COA(Course of Action) strategy, and also for strategic decision making. Through a case study, we presented the usability of the system architecture and methodology proposed in this paper. The proposed method will contribute to strengthening cyber warfare capabilities by increasing the level of technology for cyber warfare experiments.

• Convergence Security Journal
• /
• v.23 no.4
• /
• pp.71-80
• /
• 2023

Cyberspace has emerged as the fifth domain of warfare, alongside land, sea, air, and space. It has become a crucial focus for offensive and defensive military operations. Governments worldwide have demonstrated their intent to engage in offensive cyber operations within this domain. This paper proposes an innovative offensive cyber kill chain model that integrates the existing defensive strategy, the cyber kill chain model, with the joint air tasking order (ATO) mission execution cycle and joint target processing procedure. By combining physical and cyber operations within a joint framework, this model aims to enhance national cyber operations capabilities at a strategic level. The integration of these elements seeks to address the evolving challenges in cyberspace and contribute to more effective jointness in conducting cyber operations.

• Korean Security Journal
• /
• no.39
• /
• pp.319-353
• /
• 2014

Cyber-based technologies are now ubiquitous around the glob and are emerging as an "instrument of power" in societies, and are becoming more available to a country's opponents, who may use it to attack, degrade, and disrupt communications and the flow of information. The globe-spanning range of cyberspace and no national borders will challenge legal systems and complicate a nation's ability to deter threats and respond to contingencies. Through cyberspace, competitive powers will target industry, academia, government, as well as the military in the air, land, maritime, and space domains of our nations. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Cyberthreats to the infrastructure and other assets are a growing concern to policymakers. In 2013 Cyberwarfare was, for the first time, considered a larger threat than Al Qaeda or terrorism, by many U.S. intelligence officials. The new United States military strategy makes explicit that a cyberattack is casus belli just as a traditional act of war. The Economist describes cyberspace as "the fifth domain of warfare and writes that China, Russia, Israel and North Korea. Iran are boasting of having the world's second-largest cyber-army. Entities posing a significant threat to the cybersecurity of critical infrastructure assets include cyberterrorists, cyberspies, cyberthieves, cyberwarriors, and cyberhacktivists. These malefactors may access cyber-based technologies in order to deny service, steal or manipulate data, or use a device to launch an attack against itself or another piece of equipment. However because the Internet offers near-total anonymity, it is difficult to discern the identity, the motives, and the location of an intruder. The scope and enormity of the threats are not just focused to private industry but also to the country's heavily networked critical infrastructure. There are many ongoing efforts in government and industry that focus on making computers, the Internet, and related technologies more secure. As the national intelligence institution's effort, cyber counter-intelligence is measures to identify, penetrate, or neutralize foreign operations that use cyber means as the primary tradecraft methodology, as well as foreign intelligence service collection efforts that use traditional methods to gauge cyber capabilities and intentions. However one of the hardest issues in cyber counterintelligence is the problem of "Attribution". Unlike conventional warfare, figuring out who is behind an attack can be very difficult, even though the Defense Secretary Leon Panetta has claimed that the United States has the capability to trace attacks back to their sources and hold the attackers "accountable". Considering all these cyber security problems, this paper examines closely cyber security issues through the lessons from that of U.S experience. For that purpose I review the arising cyber security issues considering changing global security environments in the 21st century and their implications to the reshaping the government system. For that purpose this study mainly deals with and emphasis the cyber security issues as one of the growing national security threats. This article also reviews what our intelligence and security Agencies should do among the transforming cyber space. At any rate, despite of all hot debates about the various legality and human rights issues derived from the cyber space and intelligence service activity, the national security should be secured. Therefore, this paper suggests that one of the most important and immediate step is to understanding the legal ideology of national security and national intelligence.

• Convergence Security Journal
• /
• v.20 no.1
• /
• pp.15-24
• /
• 2020

Cyber terror and cyberwarfare are no longer virtual, but real, and as an actual security situation, it is necessary to have new understanding through expanding the concept of war to neutralize not only the other country's military command system, but also the country's main functions such as telecommunications, energy, finance, and transport systems, and it also needs to establish the future development strategy of cyber terror response at the national level. Through analysis of cyberwarfare trends in each country and current status of cyberwarfare in Korea, it will systematically explore the demand of new policy based on laws and systems, including the strategies of cyber security technology development, industry promotion, and manpower training and existing information protection policies. through this, it effectively manages a sustainable national crisis, and it suggests to establish a future strategy for the medium and long term cyber security that can effectively and actively respond to cyberwarfare.

• The Journal of the Convergence on Culture Technology
• /
• v.6 no.3
• /
• pp.105-109
• /
• 2020

The Future Army in 2050 should prepare for various future threats and effectively utilize its superintelligence and hyper-connected weapons systems to develop ways of fighting new concepts to dominate multi-regional battlefields and achieve victory. First, the establishment of active and offensive military strategies based on ability. Second, the battle of central strike for enemy combat will paralysis. Third, the battle of simultaneous integrated mosaic using multidisciplinary areas. Fourth, cyber warfare based on artificial intelligence that transcends time and space. Fifth, Combined Platform War. After all, future wars will be won or lost by invisible wars on cyber space.

• Korean Security Journal
• /
• no.40
• /
• pp.109-145
• /
• 2014

Despite much discussions on cyber-terrorism in South Korea, several missing issues could be addressed. This paper attempts to deal with such missing but important issues. In South Korea, there has been little attentions on cyber-terrorism with the respects of national security strategy development under macro framework responding to future security environment. This article focuses on such issues. In other words, the purpose of this paper evaluates the meaning of national security threats raised from cyber-terrorism as a mode of security threats and proposes the matter of cyber-terrorism within the development of national security strategy in the future security environment. several issues in this discussion pass some important messages for the construction of national security strategic approach framework within the future security environment adding cyber-space. in the future environment, a new space called cyber is added as an important external condition which might determine the security of individuals, societies, and nations. Therefore, the fundamental strategic framework should be prepared. After that, the trend and direction of future technological advancement should be understood and the identity, nature, and types of threat should be analyzed. Also, after that, various responses and countermeasures are together constituted in the aspect of function and system regarding various anticipated threats of the future human society including cyber-terrorism.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.1
• /
• pp.59-74
• /
• 2020

The web space where web applications run is the cyber information warfare of attackers and defenders due to the open HTML. In the cyber attack space, about 84% of worldwide attacks exploit vulnerabilities in web applications and software. It is very difficult to detect web vulnerability attacks with security products such as web firewalls, and high labor costs are required for security verification and assurance of web applications. Therefore, rapid vulnerability detection and response in web space by automated software is a key and effective cyber attack defense strategy. In this paper, we establish a security risk management model by intensively analyzing security threats against web applications and software, and propose a method to effectively diagnose web and application vulnerabilities. The testing results on the commercial service are analyzed to prove that our approach is more effective than the other existing methods.

• Maritime Security
• /
• v.3 no.1
• /
• pp.45-72
• /
• 2021

North Korea's cyber capabilities represent a relatively new threat to global financial institutions and foreign governments, particularly the U.S and South Korean governments. Based primarily on publicly available sources, such as journalistic accounts and scholarly publications, this qualitative paper analyzes the ways in which North Korean leader Kim Jong Un has bolstered his country's asymmetric power and advanced his line of byungjin (dual development in the economy and military). Particularly by merging the cyber and maritime domains, North Korean operatives generate more revenue for the regime and helps keep the heavily sanctioned leadership in power. Despite the increased international attention to North Korean hackers, few analysts have examined the important role of cyber in the DPRK's internal political culture, specifically in advancing Kim Jong Un's byungjin line. Cyber fits into the DPRK's longstanding tradition of irregular warfare and guerilla-based armed struggle. Cyber also further advances Kim's personal reputation in the DPRK as an economic innovator and military strategist. This paper pays particular attention to the role of the DPRK's cyber operations in both ideological and maritime contexts. Recently, North Korean hackers have targeted South Korean shipbuilding industries and developed a blockchain scam, known as Marine Chain. North Korean cyber agents have increasingly paid attention to the nexus of cyber and maritime domains in their activities.