[ISN] Caught Off Guard

From: InfoSec News (alerts@private)
Date: Tue Apr 22 2008 - 01:47:47 PDT


http://www.koreatimes.co.kr/www/news/opinon/2008/04/202_22949.html

The Korea Times
Editorial
04-22-2008

Hackers Attack Presidential Office's Computer Network

A series of hackers' attacks have hurt South Korea's pride in its 
information technology (IT) and Internet prowess. People are shocked by 
reports that the presidential office's computer network was hacked into 
in mid-February. This case is raising serious worries about the 
country's poor Internet security system, which might threaten national 
security. What's more surprising is that the government failed to detect 
the hacking until late March.

How can we boast of our technological breakthrough in information and 
communication technology after the heart of the administration was 
infiltrated? No doubt South Korea's online security system was caught 
off guard despite its self-praised feat of e-government and e-commerce. 
It is a shame that the government had failed to take tighter security 
measures to prevent potential leaks of confidential information about 
national security, diplomacy, defense, economy, etc.

The presidential office's initial reaction to the first report by The 
Hankook Ilbo, sister paper of The Korea Times, disrupted public trust. 
The Korean language daily carried a front-page article, ``Cheong Wa Dae 
Attacked by Hackers,'' in its Tuesday edition. The office denied the 
report immediately, but had to admit to the incident less than two hours 
later. It is disappointing that officials are still accustomed to 
denying any media reports before telling the truth.

A Cheong Wa Dae official said a type of worm virus penetrated the 
desktop computer of an employee belonging to the National Security 
Council (NSC) just before then-President Roh Moo-hyun retired Feb. 24. 
He confirmed that stolen data included national security-related 
surveys, writing manuals, reports and other NSC data. But the official 
said the data were neither confidential nor critical to the country's 
national security. The virus is presumed to have originated from a 
neighboring country. There were also suspected hacking attempts into the 
office's Internet Saturday.

The NSC employee has been investigated as he is suspected of violating 
information security guidelines that ban officials from storing data on 
their personal computers. We cannot understand why the official ignored 
the regulations, becoming the target of the hacking. No wonder 
government officials have little sense of information security. There 
are growing suspicions that the lack of discipline among officials 
during the power transition period has provided a brewing ground for 
computer hacking.

In this regard, Cheong Wa Dae officials under President Roh cannot avoid 
responsibility for their poor security measures. President Lee Myung-bak 
said in a briefing of the Ministry of Public Administration and Security 
in March 15 that his computer did not work at his office for 10 days 
from the Feb. 25 inauguration day. The glitch could be attributed to the 
hacking. Some officials may face allegations that they had tried to 
cover up the incident. It is still irritating to know that the 
government has yet to determine the amount and content of the leaked 
data.

The government and businesses should go all-out to establish a 
watertight online security system to ensure national security and 
information privacy, or we might lose an ``information war'' in an 
Internet-based information society.


_______________________________________________      
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Tue Apr 22 2008 - 01:53:05 PDT