Cyber ​​experts from 20 countries gather in Seoul to train to defend against hacking attacks

Yoon: “Sharing Cyber ​​Security Powerhouse Capabilities with the World”

On the morning of the 11th, at the COEX conference room in Gangnam-gu, Seoul. At exactly 9 o’clock, the conference room became quiet. Then came the sound of keyboards being tapped here and there. Cybersecurity experts from over 20 countries were looking at the monitors in front of them and tapping away at their keyboards without rest. Those who became the ‘Blue Team’ for the day were blocking hacking attacks by the ‘Red Team’ experts who were acting as the ‘virtual enemy’ in real time.

On the morning of this day, an international cyber training was held at COEX in Seoul with the participation of some 20 countries in the Indo-Pacific region and the North Atlantic Treaty Organization (NATO). It was part of the ‘Cyber ​​Summit Korea 2024’ event held over three days from the 10th to the 12th in collaboration with the National Intelligence Service and the National Security Technology Research Institute. This was the first time that cyber experts from major countries gathered together to conduct cyber training in Korea.

This international cyber training exercise was conducted as a follow-up measure to President Yoon Seok-yeol’s promise at the NATO summit held in Washington in July that he would “invite NATO member countries to cyber defense training hosted by our intelligence agencies to elevate cooperation to a new level.”

President Yoon, who observed the training site, emphasized, “South Korea is a cybersecurity powerhouse that has developed defense capabilities and security systems to respond to cyberattacks from hostile forces including North Korea for a long time,” and “We will actively contribute to protecting the safety and prosperity of humanity by sharing our capabilities and experiences with the world.” President Yoon told Cyber ​​Operations Command Commander Cho Won-hee, who visited the site that day, “Attack is the best defense,” and ordered, “We must have an offensive defense.”

National Intelligence Service Director Cho Tae-yong also said in his opening remarks, “Cybersecurity requires cooperation with allies,” and “I hope this will become a venue for cooperation to share experiences and solutions in the ever-evolving field of cybersecurity.”

The National Intelligence Service also announced plans to partially ease the ‘network separation regulations’ that separate public institutions’ business computer networks from the external internet starting next year, using the ‘Cyber ​​Summit’ as an opportunity. In the future, public institution employees will also be able to use ‘Chat GPT’, a generative AI program, on their business PCs.

Network separation is a system where each organization operates its business computer network and external Internet network separately to prepare for hacking attacks. However, there have been continuous complaints in the industry that the organization’s employees cannot use various Internet-based programs, including ‘Chat GPT’.

The government first announced that it is reviewing a plan to divide data stored on the internal network into Level 1 (confidential), Level 2 (sensitive), and Level 3 (public) categories like military secret documents and apply appropriate security systems to each. The idea is to ease regulations so that important information can be protected while also allowing for smooth data sharing by applying differentiated security systems for each category.

The path has also opened for products that follow international standard cryptographic modules to be supplied to public institutions. Until now, our government agencies could only use cryptographic module systems developed domestically. This was because there were concerns that cryptographic modules developed overseas could be easily deciphered by the relevant countries. However, as the security environment has changed, the industry has consistently raised the opinion that global standards should be allowed. A National Intelligence Service official explained, “We believe that the safety of (the international standard cryptographic module) AES has been sufficiently proven,” and “We considered economic effects and opinions of industry, academia, and research experts.”