[Interview] Letting loose the dogs of cyber warfare

People

Published: 03 Apr. 2012, 19:32

[Interview] Letting loose the dogs of cyber warfare

Lim Jong-in. President of Korea University’s Graduate School of Information Security

The world is at war - a cyber war.

Korea recently got its first “military academy” fostering “cyber warriors.” It opened within the grounds of Korea University and received its first batch of recruits last month.

Although they are officers in charge of national defense, they bear little resemblance to the traditional stereotype of well-built, eagle-eyed soldiers. They are more likely to wear glasses, look like bookworms and have the kind of skin tone associated with spending long hours in dark rooms staring at computer monitors.

Nonetheless, the freshmen at the Cyber National Defense Department within Korea University’s Graduate School of Information Security have been training hard since the start of the semester since the government issued a warning against possible cyber attacks ahead of the Nuclear Security Summit in Seoul late last month, raising people’s awareness of such attacks.

Lim Jong-in, head of the graduate school, is one of the go-to guys in Korea when it comes to cyber security. Both the graduate school, which was launched in 2000, and the Cyber National Defense Department, set up this year, were his brainchildren.

In a recent interview with the JoongAng Sunday at his office in the Anam campus in Seongbuk District, northern Seoul, Lim, 55, stressed the high stakes associated with cyber attacks, saying that “the consequences of cyber attacks aimed at crippling - or causing blackouts at - nuclear power plants or communications facilities are so much more powerful than traditional weapons.”

Q. The Korea Communications Commission (KCC) issued a so-called attention alert ahead of the Nuclear Security Summit to cope with potential cyber attacks. What prompted this?

A. At venues where world leaders gather, such as the Nuclear Security Summit, cyber terrorism is just as much of a threat as bombs and snipers. And it’s not just countries like North Korea that resort to these attacks for political purposes, but also hackers who are trying to use the opportunity to show off their skills. Given that the event was about a world without nuclear weapons, as well as the safety of nuclear power facilities, an attack would have undermined the whole concept and made sensational headlines.

The most rudimentary form of such an attack is planting malicious codes on Web sites related to such events. That way, hackers either stall access to the Web sites or transform them into something more suitable for their purpose. In an extreme case, they can attempt to hack into state-run infrastructure such as electricity, communications or transportation systems. The idea of the entire country losing power because of infringement of the electric grid is not something that is restricted to Hollywood. Just think of the damage wrought by the recent 12-minute blackout of the Gori-1 nuclear reactor [in Busan].

Just how dangerous are cyber attacks, especially those from North Korea?

When it comes to cyber attacks, there are no borders. That is why the attackers are in a much more advantageous position than the defenders. Through cables or networks, attackers can easily travel halfway around the world and initiate their attack. Compared to traditional wars, it costs much less but is far more damaging.

Also, there is no division between war-time and peace-time. They can commit acts of terror whenever they want. That is why interfering with state infrastructure and causing a blackout on a country’s electricity, communications or transportation system is more horrifying that actually pointing guns at people.

It is also why cyber terror is the best weapon for North Korea. In the cyber arena, North Korea has nothing to lose. Most of its systems are analogue and its Internet network is not fully open. That is why, even if South Korea were to launch a cyber attack on the North, the impact would be minimal. But if the reverse occurred, the impact would be devastating due to the South’s comprehensive national high-speed Internet network and the fact that much of its state infrastructure is operated remotely.

How were the students at the Cyber National Defense Department selected?

We selected our first batch of freshmen based on their scientific talents ... [and] we were surprised at how popular the department was. There are also many benefits for them. They will each get a four-year scholarship, and they will serve their mandatory military service at the Cyber Headquarters within the Defense Ministry in Yongsan, central Seoul. They will also get support for master’s and doctoral degrees. Most importantly, they will be trained as world-class cyber security experts, meaning that few will have to worry about landing a job later on. The Cyber National Defense Department is the world’s first organization to foster ‘cyber sheriffs.’ We also teach them about politics, economics, psychology and the law, as well as dispute settlements and international policies.

Where does South Korea stand in terms of cyber security?

The country is only making baby steps. The U.S., China and even North Korea have control towers overseeing operations related to cyber terrorism.

Cyber warfare is all about speed. In that sense, in cyberspace, we can say that we’ve just begun walking, whereas North Korea is already galloping ahead .?.?. We urgently need to launch a control tower of our own for cyber security.

Many countries are shifting from a passive defense mode to a more active attack mode when it comes to cyber security. Late last year, London hosted the Conference on Cyberspace, the first of its kind, where experts from some 60 countries took part. The UK pledged to develop cyber weapons, too. Similarly, the U.S. government announced that when it is attacked by hackers, it will respond with a counterattack of equal severity. It is also in the process of devising laws related to cyber security.

By Lee Weon-ho, Kim Hyung-eun [hkim@joongang.co.kr]