For this hacker, protection is top priority
“The problem is that companies easily spend billions of won in buying equipment, but are reluctant to invest in the personnel necessary to operate it,” said Park, who is a white hat, or a hacker who works to improve computer security. “The most economic solution is to invest in skilled personnel.”
Park is chief of security technology analysis at Softforum, a computer security software company. He is considered one of the top five experts in security software based on the Unix and Linux systems.
Park is cynical about the recent hacking incidents at Nonghyup. He says that only after a company is hacked does it make a fuss about reinforcing its security system. Park believes that if companies had the right security experts and gave them the authority over their computer systems, they could protect themselves from hackers.
“Hackers can find loopholes in computer systems and are often the best programmers,” Park said. “It is unfortunate that hackers are only viewed negatively.”
According to Park, there are only about 100 hackers in the country who can actually figure out program codes.
“Some say there are thousands of hackers in Korea, but most of them just download hacking programs and try getting into a system.”
Only a handful of people become hacking experts who are actually able to understand the system and develop programs to protect it, according to Park.
Park won Codegate, an international hacking protection competition and security conference, in 2009 when he was a sophomore at Inha University. Codegate is one of the most well-known hacking competitions in the world, along with Defcon CTF held in Las Vegas. More than 2,000 teams participate in Codegate every year. He joined Softforum after winning the competition.
Park took an interest in hacking when he was in his fifth year of elementary school. He taught himself about hacking by reading countless books and documents on the subject.
“When I was in middle school, I only read about programming languages such as C or Assembly and my parents were very worried,” Park said. “But after I won a hacking competition for middle and high school students, they were somewhat relieved.”
Park is now interested in defending systems from foreign hackers.
“Many Chinese hackers in particular work for money or military purposes so they don’t participate in public events like hacking competitions,” he said. “In fact, Chinese documents on hacking are explicit about how to hack Web sites or servers. It is worrisome.”
Park says the most important thing a company can do to protect itself from hacking is to train security experts.
“Financial companies and Internet shopping sites have the best security systems, but there is little recognition for security experts,” Park said. “In foreign countries, chief security officers are respected and well-paid, but Korean companies only try to hide problems and hold security personnel responsible when hacking incidents occur.”
By Kim Chang-woo [firstname.lastname@example.org]