Major Issues of the National Cyber Security System in South Korea, and its Future Direction

Abstract

The National Cyber Security System (NCSS) of South Korea came under criticism when North Korean cyber-terrorists attacked the office computers and servers of major South Korean broadcasting and financial companies on March 20, 2013. The NCSS had evolved up to that time by addressing problems that arose from incidents dating to the January 25, 2003 Internet crisis, the March 4, 2011 distributed denial of service (DDoS) crisis, and other events occurring between those attacks. The above 2013 cyber-terrorism incident magnified the limits of NCSS leadership, expertise, and collaborative systems, while revealing that past reforms were nothing more than stopgap measures. Cyber security is a problem that is no longer restricted to cyberspace. At the U.S.-China Summit of June 2013, U.S. President Obama and Chinese President Xi Jinping for the first time initiated discussions on cyber security, resulting in the summit centering on cyber safety. Additionally, the release of the "National Cyber Security Framework Manual" and the "Tallinn Manual" by the NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE) produced widespread agreement among many countries that cyber security is core to preserving national security. It is important for South Korea to discard its stopgap measures, recognize that a centralized cyber security system is an integral aspect of national security, and develop a comprehensive cyber security plan.