[Viewpoint] Bracing for cyberattack before G-20

The Jan. 25, 2003 Internet crisis and the July 7, 2009 distributed denial-of-service attack were the outcome of our ignorance and indifference to cyberspace. Only after the cyberattacks took place did we realize the seriousness of the issue and countered with stop-gap measures after suffering the damages.

DDoS attack signs were detected in advance, but we did not properly prepare, and the crisis grew worse.

The Jan. 25 crisis was worsened because many old security patches were not applied in time.

If we had detected and responded to the warning signs in advance, the damages might have not been so enormous.

According to the 1:29:300 Law, also known as Heinrich’s Law, for every major accident, there are 29 similar, but minor, accidents that take place, and 300 signs detected in advance. Before a major crisis, enough signs of abnormality and directly linked accidents would have been detected.

Therefore, a proper network of cooperation to exchange information and come up with countermeasures among state institutions, cybersecurity research centers and security specialists could have prevented the enormous cybercrisis in advance.

Lately, a malicious computer worm called Stuxnet has infected the electrical networks of Iran and China. It earned the nickname “cybermissile” and has become a major world issue.

Stuxnet is able to infect the command and control systems of major infrastructures such as nuclear power, electricity, semiconductor, communication and traffic networks.

There were already reports that Korea’s industrial control systems could have been infected.

Stuxnet has become not only a problem for Iran and China, but also a world issue, and similar damages are expected to increase.

Malware is not simply an issue in cyberspace, but they are clearly posing threats to our real life, worsening the seriousness of the situation.

These cyberthreats are not just an imagination about a distant future. We, therefore, must prepare diligently and thoroughly to defend the stability of the nation.

In advance of the G-20 Summit, the largest diplomatic event ever in Korea, police and special protection units have staged demonstrations to show their readiness to counter physical threats.

In order to improve event security, organizers should prepare for possible cyberterrorism.

A system to distribute quick reports about malware as soon as they are detected must be established in order to stop them from spreading further and allow developers to improve the Web applications to prevent a similar incident from recurring.

If malware is spread, experts from the government, research institutes and universities must work together to exchange information and counter the attack jointly in order to minimize the damages.

To this end, a standing organization should be established.

In order to prevent computers and servers at work and home from becoming zombie PCs, the government must launch a campaign to inform the public to upgrade their security systems.

The damages will be minimized when the government, experts and public are united to exchange information and work together in a joint counteraction system. Without sharing information, what could be stopped by a simple stitch may require surgery.

We are living in a world in which cyberspace and real life are intertwined so tightly.

Both sides may face unexpected terrorist attacks, but such an unfortunate incident must not happen during the G-20 Summit.

*The writer is vice president of KAIST and the head of the Cyber Security Research Institute.

by Joo Dae-joon