Korea without solution in worldwide ¡®Security Enforcement¡¯¡¦ ¡°Cyber battle defense may come¡±
Lee Gyung Tak | kt87@ | 2017-09-26 09:50:15

South Korea has not been able to respond positively to this trend while the world`s major powers such as the United States, EU, China, Russia and India are tightening regulations on competitors` IT and security products in preparation for cyber warfare. There is a growing concern about the possibility of being caught in.

According to the industry on September 25, the European Commission has extended the EU Information Security Agency (ENISA) to the EU Cyber Security Area in order to strengthen the cyber security of Europe and set up a cyber security certification framework, and plans to create a unified authentication system for IT products and services used by the public sector. The EU aims to increase its deterrence against product supply and effectively cope with the increasing overseas cyber attacks against Europe through this blueprint.

The US Department of Homeland Security (DHS) has recently decided to ban all Russian federal agencies` Kaspersky Lab products from suspected involvement with Russian government and intelligence agencies. Lee Chang-hoon, president of Kaspersky Lab Korea, said, "The company has no cohesion with any government and we will review the response before the US Parliament takes action before the US Department of Homeland Security takes action." President Eugene Kaspersky will receive a request to attend the US Congress on September 27.

Especially, the US government is tightening regulations on Chinese products. In the past year, the United States has identified Huawei network equipment as a security threat in China due to a backdoor (system security hole) issue in 2012, and has virtually disappeared in the private market as well as the national backbone network. The US Army banned the use of drones by China DJI, the largest drones company in the world, due to security weakness last month, and then released `Visual Discovery`, a malicious code program, (USD 4 million) without stopping here. Hackers are known to be able to access and transfer sensitive personal information through the program.

Meanwhile, according to the Financial Times (FT), the Indian government, which is in the border dispute with China, is also examining the regulation of information security risks and data leakage of Alibaba subsidiary services and Chinese IT products such as Oppo, Bibo and Xiaomi. On September 20, the federal government of India called an emergency meeting, claiming that about 320,000 credit cards issued by 19 banks across the country were hacked by China.

Some politicians and security industry conspiracy theories that the Chinese government dreams of building a so called ¡®Big Brother¡¯ system by utilizing the fact that it is a state-owned corporation and only a private enterprise. In fact, the Chinese government implemented the `Cyber Security Act` in June to strengthen control over overseas IT companies. It is clear from the industry that, even before the enactment of the law, companies are required to disclose business-confidential data "source code", but the law is broad and ambiguous, requiring source code disclosure and backdoors at any time.

Lee Hee-joo, a professor at Korea University, who is a senior CTO from Ahnlab, pointed out, "The use of IT products for cyber security at the national level is one of the key issues facing China, "IoT (Internet of Things) products, especially those with high security vulnerabilities, are being produced in China and this phenomenon is becoming more prominent.¡±

Korea has recently applied the Huawei network equipment among them, which has been controversial for the backbone of the PyeongChang Olympic system construction due to the surge of IP camera hacking cases in China. However, there is not enough monitoring system and policy interest in addition to domestic CC (Common Criteria) certification. A representative from the government said, "It is not possible to know whether or not China will intentionally plant a back door on its products. However, it is not possible to make special measures and regulations only with the intention of checking."

"The IT product itself has a control function such as remote control, so there is enough room to exploit," said Lim Jong-in, a former president of the Blue House Security Policy Department, who is a professor at the cyber security policy center at Korea University. Many are found and governments are regulating, but Korea is geopolitically weak, and it is not easy to do this because of the strong winds.¡± Professor said, "We cannot localize all the IT and security products that go into the national infrastructure, but we must have the minimum capacity to inspect it as there is a need for security." In addition, In order to increase technological competitiveness, it is necessary to give a price and make public business. "

By Lee Gyung Tak kt87@


[ copyright ¨Ï The Digitaltimes ]