The Korea Herald

피터빈트

S. Korea announces 'offensive cyber defense' strategy

By Ji Da-gyum

Published : Sept. 1, 2024 - 17:54

    • Link copied

South Korea's National Security Adviser, Shin Won-sik, delivers a briefing on the National Cybersecurity Basic Plan at the presidential office in Yongsan, Seoul, on Sunday. (Yonhap) South Korea's National Security Adviser, Shin Won-sik, delivers a briefing on the National Cybersecurity Basic Plan at the presidential office in Yongsan, Seoul, on Sunday. (Yonhap)

The South Korean presidential office on Sunday unveiled a comprehensive cybersecurity plan with 100 actionable tasks, including measures for enhanced "offensive cyber defense" strategies to proactively counter and neutralize those with intentions of spreading fake information such as deepfakes in cyberspace.

The presidential Office of National Security announced the "National Cybersecurity Basic Plan," a collaborative effort developed by 14 government ministries and organizations, including the National Intelligence Service, Foreign Ministry, Defense Ministry, Ministry of Science and ICT, Supreme Prosecutors’ Office and National Police Agency.

The plan served as a follow-up to the "National Cybersecurity Strategy" announced in February, detailing specific implementation measures to achieve the strategy's vision and objectives, according to the National Security Office.

The basic plan notably details specific measures to implement the five strategic tasks outlined in the cybersecurity strategy.

According to the National Security Office, the specific actions for the first strategic task -- strengthening what it calls offensive cyber defense -- focus on "securing deterrence through preemptive and proactive cyber defense operations against attacks and threat actors that compromise national security and interests."

The detailed measures for the first strategy also aim to "establish a foundation for countering disinformation that disrupts public opinion and fosters social unrest in cyberspace."

When asked whether the cybersecurity basic plan included measures to combat sexually exploitative deepfake crimes, a senior government official, speaking on condition of anonymity during a closed-door briefing on Sunday, confirmed that deepfake crimes are addressed as part of the offensive cyber defense activities.

Deepfakes use a form of artificial intelligence known as deep learning to create highly realistic images and videos of events that never occurred. Recently, South Korea has seen a massive rise in crimes involving deepfakes, particularly in the context of sexually exploitative content, prompting a flood of concerns and a push for stronger regulations and defense mechanisms.

A senior official from the presidential office, speaking on condition of anonymity, clarified the concept of "offensive cyber defense" during the briefing.

"We're shifting from a predominantly defensive stance to a more proactive approach (in cybersecurity), in line with global trends. The key concept is to actively detect, identify and preemptively respond to threats," according to the official.

To support the shift, Seoul is assessing the need for reinforcing existing regulations, the presidential official said.

"We aim to establish a comprehensive process spearheaded by intelligence and investigative agencies such as the National Intelligence Service, in close collaboration with all relevant domestic partners," the official stated.

"This process will be dedicated to detecting and managing threats, enabling us to swiftly neutralize them when necessary," the official added, without providing further details.

The cybersecurity basic plan also outlined specific measures for the remaining four strategic tasks: bolstering the cyber resilience of critical infrastructure, establishing a global cyber cooperation framework, securing a competitive edge in critical and emerging technologies and reorganizing cybersecurity-related legal systems and institutions to ensure that the roles and responsibilities of individuals, businesses and the government are aligned and well-coordinated.

The National Cybersecurity Basic Plan consists of a total of 100 action tasks, including 93 individual tasks and seven joint tasks from 14 ministries and government agencies.

However, the full details of the action plans were not disclosed for security reasons.

Among the disclosed aspects of the plan, the task of countering North Korean cyber "propaganda" and "agitation" has been designated as a joint effort between the National Police Agency and the Unification Ministry.

The Foreign Ministry and the National Intelligence Service, the country's spy agency, have been tasked with jointly developing measures for attribution, including the identification of cyber threat actors.