Journal of Information Technology Services (한국IT서비스학회지)

Korea Society of IT Services (한국IT서비스학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on North Korea's Cyber Attacks and Countermeasures

북한의 사이버공격과 대응방안에 관한 연구

  • 정민경 (고려대학교 일반대학원 사이버국방학과) ;
  • 임종인 (고려대학교 정보보호대학원) ;
  • 권헌영 (고려대학교 정보보호대학원)
  • Received : 2015.12.29
  • Accepted : 2016.01.08
  • Published : 2016.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

This study aims to present the necessary elements that should be part of South Korea's National Defense Strategy against the recent North Korean cyber-attacks. The elements proposed in this study also reflect the recent trend of cyber-attack incidents that are happening in the Unites States and other countries and have been classified into the three levels of cyber incidents: cyberwarfare, cyberterrorism and cybercrime. As such, the elements proposed are presented in accordance with this classification system. In order to properly take into account the recent trend of cyber-attacks perpetrated by North Korea, this paper analyzed the characteristics of recent North Korean cyber-attacks as well as the countermeasures and responses of South Korea. Moreover, by making use of case studies of cyber-attack incidents by foreign nations that threaten national security, the response measures at a national level can be deduced and applied as in this study. Thus, the authors of this study hope that the newly proposed elements here within will help to strengthen the level of Korea's cyber security against foreign attacks, specifically that of North Korea such as the KHNP hacking incidents and so on. It is hoped that further damage such as leakage of confidential information, invasion of privacy and physical intimidation can be mitigated.

Keywords

References

  1. Brenner, S.W. and M.D. Goodman, "In Defense of Cyberterrorism An Argument for Anticipating Cyber-Attacks", Journal of Law, Technology and Policy, 2002, 1-57.
  2. Carr, J., Inside Cyber Warfare : Mapping the Cyber Underworld, O'Reilly Medea, Inc., 2011.
  3. Chen, T.M. and S. Abu-Nimeh, "Lessons from Stuxnet", IEEE Computer, Vol.44, No.4, 2011, 91-93. https://doi.org/10.1109/MC.2011.273
  4. Cordesman, A.H. and B. Gold, The Gulf Military Balance : The Conventional and Asymmetric Dimensions, Rowman & Littlefield, 2014.
  5. Embar-Seddon, A., "Cyberterrorism Are We Under Siege?", American Behavioral Scientist, Vol.45, No.6, 2002, 1033-1043. https://doi.org/10.1177/0002764202045006007
  6. Evron, G., "Battling Botnets and Online Mobs Estonia's Defense Efforts During the Internet War", Georgetown Journal of International Affairs, Vol.9, 2008, 121-126.
  7. Fafinski, S., W.H. Dutton, and H. Margetts, "Mapping and Measuring Cybercrime", OII Forum Discussion Paper, Vol.18, 2010, 1-26.
  8. Farwell, J.P. and R. Rohozinski, "Stuxnet and the Future of Cyber War", Survival, Vol.53, No.1, 2011, 23-40. https://doi.org/10.1080/00396338.2011.555586
  9. Golder, B. and G. Williams, "What is 'Terrorism?' Problems of Legal Definition", University of NSW Law Journal, Vol.27, No.2, 2004, 270-295.
  10. Haggard, S. and J.R. Lindsay, North Korea and the Sony Hack Exporting Instability Through Cyberspace, IEEE Computer Society, 2015, 54-57.
  11. Hathaway, O.A., R. Crootof, P. Levitz, H. Nix, A. Nowlan, W. Perdue, and J. Spiegel, "The Law of Cyber-Attack", California Law Review, Vol.100, No.4, 2012, 817-885.
  12. Hoisington, M., "Cyberwarfare and the Use of Force Giving Rise to the Right of Self-Defense", Boston College International and Comparative Law Review, Vol.32, 2009, 439-454.
  13. Kelsey, J.T.G., "Hacking into International Humanitarian Law : The Principles of Distinction and Neutrality in the Age of Cyber Warfare", Michigan Law Review, Vol.106, No.7, 2008, 1427-1451. Available at http://www.jstor.org/stable/40041623(Accessed December 21. 2015).
  14. Kwon, H.Y., "The need for cyber security laws and legislative strategy", Cyber Security Threats and Countermeasures : the Proceedings of the 18th Hwarangdae International Symposium, Korea Military Academy and Hwarangdae Research Institution, Seoul, 2015, 78-93. (권헌영, "사이버안보 법제의 필요성과 입법전략", 사이버안보 위협 및 대응전략 : 제18회 화랑대 국제 심포지엄논문집, 육군사관학교, 서울, 2015, 78-93.)
  15. Lee, Y.J., H.J. Kwon, J. Lee, and D.K. Shin, "Development of Countermeasures against North Korean Cyberterrorism through Research Case Studies", Korean Journal of Defense Analysis, Vol.27, No.1, 2015, 71-86.
  16. Lesk, M., "The New Front Line Estonia Under Cyberassault", IEEE Security and Privacy, Vol.5, No.4, 2007, 76-79.
  17. Moore, R., Cybercrime : Investigating High-Technology Computer Crime, Routledge, Boston, 2010.
  18. Park, K.G., "Cyber Warfare to Cyber-attacks and International Law", International Law Review, Vol.32, 2010, 37-83. (박기갑, "사이버전쟁 내지 사이버공격과 국제법", 국제법평론, 제32권, 2010, 37-83.)
  19. Schaap, A.J., "Cyber Warfare Operations : Development and Use under International Law Cyberlaw Edition", Air Force Law Review, Vol.64, 2009, 121-174.
  20. Schmitt, M.N., Tallinn Manual on the International Law Applicable to Cyber Warfare, Cambridge University Press, 2013.
  21. Shackelford, S., "From Nuclear War to Net War : Analogizing Cyber Attacks in International Law", Berkley Journal of International Law, Vol.25, No.3, 2009, 191-250.
  22. Son, Y.D., The Endless War Between 0 and 1, Infothebooks, 2013. (손영동, 0과 1의 끝없는 전쟁, 인포더북스, 서울, 2013.)
  23. Stohl, M., "Cyber Terrorism : a Clear and Present Danger, the Sum of All Fears, Breaking Point or Patriot Games?", Crime Law and Social Change, Vol.46, No.4, 2006, 223-238. https://doi.org/10.1007/s10611-007-9061-9
  24. Wall, D.S., Cybercrime : The Transformation of Crime in the Information Age, Polity Press, UK, Cambridge, 2007.
  25. Weber, A.M., "The Council of Europe's Convention on Cybercrime", Berkeley Technology Law Journal, Vol.18, No.1, 2003, 424-446.
  26. Weimann, G., "Cyberterrorism How Real Is the Threat?", Special Report, United States Institute of Peace, 2004.
  27. Yar, M., "The Novelty of 'Cybercrime' : An Assessment in Light of Routine Activity Theory", European Journal of Criminology, Vol.2, No.4, 2005, 407-427. https://doi.org/10.1177/147737080556056
  28. Young, R., "Defining Terrorism : the Evolution of Terrorism as a Legal Concept in International Law and its Influence on Definitions in Domestic Legislation", Boston College International and Comparative Law Review, Vol.29, No.23, 2006, 23-106.