___________________________________________________________________________

2009/TEL40/SPSG/006 Agenda Item: 6a

Cyber Security Awareness Raising Activities in Korea

Purpose: Information Submitted by: Korea

Security and Prosperity Steering Group Meeting

Cancun, Mexico26-29 September 2009

Cyber Security Awareness Cyber Security Awareness Raising ActivitiesRaising Activities

in Koreain KoreaOct. 29, 2009APECTEL 40, Mexico

Yun, Jun-Bum (yjb@kisa.or.kr)

2

3

Wind of Change - 1

o IT Environment

- High-speed internet subscriber per household : 80%※ First economy in the world to exceed 80% (Statistics Korea:National Statistics

Office, 2008)

- Number of mobile-phone subscriber: 45 million ※ One mobile phone per person (Statistics Korea:National Statistics Office, 2008)

- e-Government Service ※ 18,000 kinds of civil service

MethodMethodLife

Korea’s IT

4

o Internet Promotion, information Security, international Cooperation as

One

- Establish KISA(Korea Internet & Security Agency), in July 2009※ Before, KISA was Korea Information Security Agency

- Consolidate internet related functions to countermeasure as whole

KISA

InternetInternet

Information Security

Internet Promotion

International Cooperation

Korea Internet & Security Agency

Wind of Change - 2

5

Present condition of Korea - 1

o Recognize the importance of information Security : 98%

o Practicing security actions : 30%

o Reason for Inactivity

- Do not know where to get information: 38%

- Information is complicated and hard to understand: 34%※ Source : Survey on Information Security(KISA, 2008)

Research

Yes NO

2007 30.8 69.2

2008 30.2 69.8

< Practicing security actions >

neverimportant

Notimportant important Very

Important

2007 30.8 69.2 41.1 55.4

2008 30.2 69.8 38.3 59.9

< How do you feel about important of Security >

(%) (%)

6

o Target : U.S.A. and Korea’s main

Websites(E-Shops, Banks, news medias,

etc)

o Damage : Site down, service

suspension

o Implication : Make zombies from

vulnerable PCs, and Re-attack

7.7 DDoS New Threats

o Target : Individuals through

New media such as Messenger

o Damage: Financial losses

o Implication : Attacks based on

personal trust & social network

Present condition of Korea - 2

※ source : Korea Police, 2009

< Reports on Messenger phishing >

# of cases

Damage(won)

(0.548 billion)

Voicephishing

Messenger phishing

< Reports on phishing >

7

o Lots of information and knowledge that need to be informed

- Warning against dysfunctions of ICT

- Methods of Prevention, Countermeasure and Practice

- Essential methods for use of new media safely

Security

How?

Problem and Solution

Which methodWhich method

What?

AwarenessAwarenessraisingraising PracticePractice

important

8

9

no Date Title

1 4/16 DDoS Attack

2 4/23 Into the spam-less green information world

3 4/30Low consumption, super light weight PW program utilization

4 5/7 Convergence information Security

5 5/14 Information Security for green IT

6 5/21 Green security compliance

7 5/28 Removal of malicious code

8 6/4 Corporation, let's practice this way

9 6/11 Official certificates

10 6/18 Personal information Security with green life revolution

no Date Title

1 5/12 Computer virus attack - more fatal than nuclear bomb

2 5/13Hacking from China more than 90 million cases per year, target private industry security

3 5/14Iron-secure wireless network exposed in less than 23 minutes

(Interview) 2 high school teams advance to the finals

no Date Title

1 4/3 Internet phone security

2 4/7 IPTV security

3 4/10 Cellphone virus security

Mass awareness raising activities - 1

< Electronic Times >

"Green growth, green security”

<Korea Economic Newspaper>

"Cyber war without gun fire, black & white)”

< Financial News >

"IT convergence service under security threat"

Mass Media – Special series

10

Mass Media – for childrenno Date Title

1 3/2 What is personal information?

2 3/9 When using the Internet

3 3/16 ID and Password - 1

4 3/23 ID and Password - 2

5 3/30 When joining to be a member

6 4/6 I protect my own personal information

7 4/13 Safe onlin gaming and shopping

8 4/20 When upl;oading information on the Internet

9 4/27 My friend is important too

10 5/4 Speak politely, truthfully

11 5/11 Good hacker, bad hacker

12 5/18 Let's all try together

13 5/25 Let's follow these rules - 1

14 6/1 Let's follow these rules - 2

15 6/8 Let's follow these rules - 3

16 6/15 What professional information protectors do

17 6/22 How to be a professional information protector

18 6/29 Protecting from spams

19 7/6 Guard against voice phishing

20 7/13 Internet etiquette

< Korea Times for Kids>

" Click, safe e-world”

Mass awareness raising activities - 2

11

Mass awareness raising activities - 3

o Included in the formal school education course

- Contents regarding IS to be included in middle school course(2011~)

- Necessary for every student to learn about Information Security※ To the 2nd grade students, in Technology subject

School Education

12

-Whenever you havea problem with cyber security -

Ads on transportations

Mass awareness raising activities - 4

o Connect with public transportation methods

- Various contents can be posted as people stay long in transportation

- Continuous exposure to people who use the same route

<Just Dial ☎ 118>

(subway train)

“Whenever you havea problem with cyber

security, Just Dial 118”

<Not to call uncertain SMS>

You’ve got a message.“Hey! Call me~”

Please Watch out!

<Keep just 5 steps>

(bus monitor)

Information Security,It’s not difficult, it’s easy.

Visit www.KISA.or.krKISA is always near you.

13

Activities through analog approach - 1

Internet ethics camp

o Internet ethics camp

- Experience love of family(offline) & ethics of the Internet(online)

at the same time through a camp

- To students & parents(home), as well as to school teachers(school)

14

Activities through analog approach - 2

Social Security Service

o OnNuRi Campaign

- Meaning : "Let's make the world into a warm and peaceful digital

world"

- Activities: Provide “Information Security service" such as security

checks on computers in socially isolated facilities

such as center for disabled and elderly

o Purpose

- Social contribution through information Security

- Strengthen Security level of vulnerable groups

- Cultivate secure netizen

o 600 PCs in 33 facilities checked, since 2008

15

o Campaign using celebrity

- Teenagers try to emulate thoughts and ideas of celebrities

- By planning concerts of celebrities and making them talk

about online ethics, it is easier to educate fans and teenagers

Attention gathering campaign - 1

Concert

16

o Appoint PR ambassador: Backkom

- Hard and formal information Security

-> Friendly ambassador for easy promotion

Attention gathering campaign - 2

PR ambassador

17

Special Gift

o Fan

- Distribute traditional Korean fans with 5 information Security

practice tips written on them

18

Special Gift

o Pencil

- Distribute pencils with information Security practice tips written on

them

yjb@kisa.or.kryjb@kisa.or.kr