• Journal of Information Technology Services
• /
• v.20 no.5
• /
• pp.119-136
• /
• 2021

Since the global spread of COVID-19, social distancing and untact service implementation have spread rapidly. With the transition to a non-face-to-face environment such as telework and remote classes, cyber security threats have increased, and a lot of cyber compromises have also occurred. In this study, cyber-attacks and response cases related to COVID-19 are summarized in four aspects: cyber fraud, cyber-attacks on companies related to COVID-19 and healthcare sector, cyber-attacks on untact services such as telework, and preparation of untact services security for post-covid 19. After the outbreak of the COVID-19 pandemic, related events such as vaccination information and payment of national disaster aid continued to be used as bait for smishing and phishing. In the aspect of cyber-attacks on companies related to COVID-19 and healthcare sector, we can see that the damage was rapidly increasing as state-supported hackers attack those companies to obtain research results related to the COVID-19, and hackers chose medical institutions as targets with an efficient ransomware attack approach by changing 'spray and pray' strategy to 'big-game hunting'. Companies using untact services such as telework are experiencing cyber breaches due to insufficient security settings, non-installation of security patches, and vulnerabilities in systems constituting untact services such as VPN. In response to these cyber incidents, as a case of cyber fraud countermeasures, security notices to preventing cyber fraud damage to the public was announced, and security guidelines and ransomware countermeasures were provided to organizations related to COVID-19 and medical institutions. In addition, for companies that use and provide untact services, security vulnerability finding and system development environment security inspection service were provided by Government funding programs. We also looked at the differences in the role of the government and the target of security notices between domestic and overseas response cases. Lastly, considering the development of untact services by industry in preparation for post-COVID-19, supply chain security, cloud security, development security, and IoT security were suggested as common security reinforcement measures.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.25 no.6
• /
• pp.857-860
• /
• 2021

The 21st century society has entered the fourth industrial society of machine to machine from the information society of human to machine. Accordingly, countries around the world are always operating efficient crisis management systems that can quickly respond to disasters or crises. As cyber attacks such as cyber warfare are actually progressing, countries around the world are conducting defense training in response to cyber attacks, and reflecting the results of simulation attacks in improving or building security systems. In this paper, we would like to consider the future cyber training development guide by comparing and analyzing the trends of cyber training in domestic and foreign countries.

• The KIPS Transactions:PartC
• /
• v.13C no.1 s.104
• /
• pp.63-68
• /
• 2006

Cyber Attacks have increased damages constantly in all over the world for several years. A survey said the cost caused by Cyber Attacks had increased 225 times from 1996 to 2003. It is very difficult to calculate the cost by the Attacks exactly but the calculating the cost of cyber attacks would be great helpful for a company to decide how much budget to spend to Information Security. In this research we could reach the conclusion : the cyber attacks has decreased the stock price of the companies, especially pure internet companies. But the stock market has not greatly impacted by the types of Cyber Attacks. Korean stock market also impacted by the Internet Destruction Accident happened Jan. 25. 2003. On the basis of this study we will recommend a policy or a regulation which force board of directors and officers of a company to have information security liability.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.260-280
• /
• 2020

Cyber-attacks emerge in a more intelligent way, and various security technologies are applied to respond to such attacks. Still, more and more people agree that individual response to each intelligent infringement attack has a fundamental limit. Accordingly, the cyber threat intelligence analysis technology is drawing attention in analyzing the attacker group, interpreting the attack trend, and obtaining decision making information by collecting a large quantity of cyber-attack information and performing relation analysis. In this study, we proposed relation analysis factors and developed a system for establishing cyber threat intelligence, based on malicious code as a key means of cyber-attacks. As a result of collecting more than 36 million kinds of infringement information and conducting relation analysis, various implications that cannot be obtained by simple searches were derived. We expect actionable intelligence to be established in the true sense of the word if relation analysis logic is developed later.

• International journal of advanced smart convergence
• /
• v.11 no.3
• /
• pp.7-16
• /
• 2022

The targets of cyber-attacks are not limited to the websites and internal IT systems of shipping agencies. Ships and ports have become important targets for cyber attackers. This paper examines the current state of ship network security, introduces the International Maritime Organization's resolution on ship network security management, and summarizing the cyber-attacks in maritime so the readers can have a general understanding of maritime environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.5
• /
• pp.2186-2203
• /
• 2020

Security administrators of companies and organizations need to come up with proper countermeasures against cyber-attacks considering infrastructures and security policies in their possession. In order to develop and verify such countermeasures, the administrators should be able to reenact both cyber-attacks and defenses. Simulations can be useful for the reenactment by overcoming its limitations including high risk and cost. If the administrators are able to design various scenarios of cyber-attacks and to develop simulation models from their viewpoints, they can simulate desired situations and observe the results more easily. It is challenging to simulate cyber-security issues, because there is lack of theoretical basis for modeling a wide range of the security field as well as pre-defined basic components used to model cyber-attacks. In this paper, we propose a modeling method for cyber-security simulations by developing a basic component and a composite model, called Abstracted Cyber-Security Unit Model (ACSUM) and Abstracted Cyber-security SIMulation model (ACSIM), respectively. The proposed models are based on DEVS(Discrete Event systems Specification) formalism, a modeling theory for discrete event simulations. We develop attack scenarios by sequencing attack behaviors using ACSUMs and then model ACSIMs by combining and abstracting the ACSUMs from a security perspective. The concepts of ACSUM and ACSIM enable the security administrators to simulate numerous cyber-security issues from their viewpoints. As a case study, we model a worm scenario using ACSUM and simulate three types of simulation models based on ACSIM from a different security perspective.

• IEMEK Journal of Embedded Systems and Applications
• /
• v.14 no.5
• /
• pp.269-275
• /
• 2019

This paper addresses the control problem of cyber-physical systems under controller attack. A novel discontinuous Lyapunov functionals are employed to fully utilize sampled-data pattern which characteristic is commonly appeared in cyber-physical systems. By considering the limited resource of networks, cyber-attacks on the controller are considered randomly occurring and are described as an attack function which is nonlinear but assumed to be satisfying Lipschitz condition. Novel criteria for designing controller with robustness for cyber-attacks are developed in terms of linear matrix inequality (LMI). Finally, a numerical example is given to prove the usefulness of the proposed method.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.1
• /
• pp.103-113
• /
• 2017

Cyber attacks can be classified by type of cyber war, terrorism and crime etc., depending on the purpose and intent. Those are mobilized the various means and tactics which are like hacking, DDoS, propaganda. The damage caused by cyber attacks can be calculated by a variety of categories. We may identify cyber attackers to pursue trace-back based facts including digital forensics etc. However, recent cyber attacks are trying to induce confusion and deception through the manipulation of digital information or even conceal the attack. Therefore, we need to do the harm-based analysis. In this paper, we analyze the damage caused during cyber attacks from economic and political point of view and by inferring the attack intent could classify types of cyber attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.89-96
• /
• 2013

Recent DDoS attacks and private informations leaked show that everyday life is interwoven with cyberspace and we are becoming more vulnerable to cyber attacks. Therefore, a systematic understanding of cyber damage structure is very important and damage loss estimation method should be developed to establish solid cyber security protection system. In this study, economic loss caused by cyber attacks are surveyed based on the analysis of existing studies and try to develop a reasonable methods to estimate economic effects of cyber security protection in Korea. Potential economic loss of Korea by cyber attacks may be situated between 10 billion and 40 billion dollars. But more sophisticated system should be established to estimate economic effects of cyber protection for proper policy decision making.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1247-1258
• /
• 2018

The Cyber Kill Chain originally proposed by Lockheed Martin defines the standard procedure of general cyber attacks and suggests tailored defensive actions per each step, eventually neutralizing the intent of the attackers. Defenders can effectively deal with Advanced Persistent Threat(APT)s which are difficult to be handled by other defensive mechanisms under the Cyber Kill Chain. Recently, however, social engineering techniques that exploits the vulnerabilities of humans who manage the target systems are prevail rather than the technical attacks directly attacking the target systems themselves. Under the circumstance, the Cyber Kill Chain model should evolve to encompass social engineering attacks for the improved effectiveness. Therefore, this paper aims to establish a definite concept of Cyber Kill Chain for social engineering based cyber attacks, called Social Engineering Cyber Kill Chain, helping future researchers in this literature.