Protection of Criticl Informtion Infrstructure in Kore Kim, Woonyon 2005. 10 Ntionl Security Reserch Institute
Contents Ntionl Cyber Security Mngement System Criticl Informtion Infrstructure (CII) Mngement System Cse Study of Criticl Informtion Infrstructure Threts Conclusions
Estblishment of Ntionl Cyber Security Mngement System Internet crisis of Jnury 25, 2003 by Slmmer Worm Prlysis of internet bnking services shopping mll services A deepening informtion system dependency Ntionl infrstructure control systems tend to be connected to internet. We cn predict prlysis of criticl infrstructures from n internet ttck. Ntionl Cyber Security Mngement System
Cyber Security Mngement System President Ntionl Cyber Security Strtegy Council Centrl dministrtive Agencies Ntionl Cyber Security Countermesures Committee Locl Government Government-invested Orgniztion Government-ffilited institutions Reserch Institutes Legl Legl Bsis: Bsis: Ntionl Cyber Cyber Security Mngement Regultion (Presidentil Directive No.141)
Relevnt Lws Regultions Relevnt Lws Regultions Ntionl Intelligence Service Act (Security Affirs Regultion) Ntionl Cyber Security Mngement Regultion Frmework Guideline on Ntionl Informtion communiction Security E-Government Act Informtion Security Issues Functions of Ntionl Intelligence Service Security Activities for Documents, Mterils, Fcilities Ares relted to Ntionl Security Plnning Coordintion of Intelligence Security Affirs Provisions for Ntionl Cyber Security Orgniztionl Structure Opertion Apply to Informtion Communiction Networks of Ministries Agencies of Centrl Locl Government, s well s Public Agencies Bsic Activities for n Informtion Communiction Security Mngement of n Informtion Communiction Security Provisions for Protection Mesures ginst modifiction, disruption, disclosure or destruction of n Electronic document Informtion Infrstructure Protection Act Identify Criticl Informtion Communiction Infrstructure, n estblish implement Protection Pln Review ssess its Security Vulnerbility every 2 yers
Roles of Ntionl Intelligence Service Technicl support for criticl informtion infrstructure which is defined by Informtion Communiction Infrstructure Protection Act Supervising coordinting ll ntionl-level cyber security policies mngement systems Plnning Coordinting ntionl informtion security opertions Ntionl-wide comprehensive systemtic countermesures ginst cyber terror ttck Key roles re to protect criticl informtion infrstructures.
CII Mngement System Committee on on of of informtion infrstructure Coordinting Coordinting policy policy pln pln Improving Improving system system Delibertion Delibertion on on policy policy Reviewing Reviewing gend gend Ministries Assignment Assignment or or bolition bolition of of CII CII Estblish Estblish pln pln guidelines guidelines for for CII CII Crete Crete strds strds for for Vulnerbility Vulnerbility nlysis nlysis ssessment ssessment CII CII Mngement Body Body Implement Implement pln pln Anlyze Anlyze ssess ssess security security vulnerbilities vulnerbilities (every (every 2 2 yers) yers) Criticl Informtion Infrstructure
Cse for Ntionl Public Sectors Reverse Connection Top Secret Attcker (Abrod) Ntionl Orgniztions
Informtion shring mong ARF members Trends of Cyber Intrusions Globliztion of cyber ttcks Vrious types of cyber intrusions from simple to sophisticted ttcks Complicted ttcks Informtion shring mong ARF member countries Informtion shring of cyber threts Informtion shring of incidents responses Informtion Shring mong ARF Countries
Conclusions Cyber Security Mngement System is min system for protecting ntionl criticl informtion infrstructure. We need coopertion mong ARF member countries regrding cyber intrusion ttempts. Kore s ntionl cyber incidents response orgniztion : Ntionl Cyber Security Center Tel : 82-2-557 557-0264 E-Mil : info@ncsc.go.kr
Thnk you very much for your kind ttention.