The Republic of Korea Executive Summary Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and borderless nature, cyber threats are emerging as a serious challenge to international security. The Republic of Korea has been experiencing a series of cyber attacks including the recent attacks on its nuclear power plant operator in 2014. To respond more effectively to cyber threats, the Republic of Korea came up with comprehensive plans to enhance cyber security posture in March 2015 and also created the post of presidential secretary for cyber security affairs. The Republic of Korea firmly believes that it is important to agree on a set of international norms applied to cyberspace and implement confidence building measures (CBMs) and cyber capacity building measures. In this respect, the Republic of Korea welcomes the results of the 2013 UN GGE report, which recognized the possibility of applying of international law to state behaviors in cyberspace, and expects further discussions on how the agreed principles can be applied to state behavior in cyberspace. Korea hosted the Asia-Pacific Regional Seminar on International Law and State Behavior in Cyberspace in 2014 together with the UNIDIR, providing an opportunity for countries in the region to discuss cyber security related matters. The Korean government has also worked to strengthen bilateral and trilateral cooperation with key countries and is actively participating in regional and international fora on cyber issues, such as ASEAN Regional Forum (ARF) and the UN Information Security GGE. As the host of the Seoul Global Conference on Cyberspace held in 2013, the Republic of Korea closely cooperated with the Netherlands in preparation for the Hague Conference on Cyberspace 2015 and will continue its contribution to the London Process. 1
Ⅰ. General Appreciation of the issues of information security Today, cyberspace is a new horizon with endless possibilities, offering unprecedented economic and social benefits. However, on account of its open, anonymous and borderless nature, cyber threats are emerging as a serious challenge to international security. Most recently, we are witnessing an alarming development. As shown by recent cases of cyber attacks, including the attack on Sony Pictures Entertainment, attacks have been grown more sophisticated and powerful, posing serious threats to individual, business, national and international security. Even extremist groups are effectively using ICTs to recruit, finance, organize, and incite support for terrorist activities. There is growing concern about the possibility of such group soon acquiring the means to carry out disruptive ICT activities. Against this backdrop, strengthening international cooperation to enhance cyber security across the globe is critical to guarantee global prosperity in the 21st century. The international community can tackle the mounting threats by agreeing on a set of international norms of acceptable state behavior in cyberspace, strengthening law enforcement cooperation and capabilities, and addressing vulnerabilities in cyberspace, among others. The Republic of Korea, as one of the most wired countries in the world, is also facing increasing cyber threats. Since 2009, Korea has been experiencing a series of cyber attacks including massive distributed denial-of-service (DDoS) attacks (2009, 2011) and intrusions on government networks and broadcasting and financial systems (2013). Most recently, there were cyber attacks on Korea s nuclear power plant operator in 2014. To effectively address the threats, while harnessing the unprecedented benefits of cyberspace, Korea has been enhancing international cooperation in this area as well as strengthening its cyber policies, legislations and organizations. 2
Ⅱ. Efforts taken at the national level to strengthen information security and to promote international cooperation in this field Following the cyber attacks on its nuclear power plant operator in 2014, the Korean government came up with comprehensive plans to enhance cyber security posture in March 2015, which is in line with the 'National Cyber Security Comprehensive Countermeasures' adopted in 2013. The measures included establishing organizations exclusively in charge of cyber security affairs under each ministry and local government, fostering experts in the field of cyber security, expanding R&D investments in the field of countering cyber threats, and strengthening the function of National Security Office as the control tower for cyber security. The recently created post of the presidential secretary for cyber security affairs is expected to contribute to enhancing the function of the control tower. Also Korean Supreme Prosecutor s Office created the Scientific Investigation Department and Cyber Investigation Division as a way to strengthen nation s response to cyber crimes. The Republic of Korea has also worked to strengthen bilateral and trilateral cooperation with the key states in the field of cyber security. In addition to existing consultation mechanisms with the United States and Russia, Korea launched Korea-Japan-China trilateral consultation and bilateral consultations with EU, Australia and India in 2014 and 2015. The Republic of Korea is also actively participating in regional and international discussions on cyberspace such as the ASEAN Regional Forum (ARF) and the UN Information Security GGE. In 2014, Korea also hosted an Asia-Pacific Regional Seminar on International Law and State Behavior in Cyberspace together with the UN Institute for Disarmament Research (UNIDIR), providing an opportunity for countries in the region to discuss cyber security related matters. 3
As the host of the Seoul Global Conference on Cyberspace held in 2013, Korea closely cooperated with the Netherlands in preparation for the Hague Conference on Cyberspace 2015 and decided to be a founding member of Global Forum on Cyber Expertise launched at the Hague Global Conference on Cyberspace 2015 based on achievements of the Seoul Global Conference on Cyberspace 2013. Ⅲ. The content of the international concepts aimed at strengthening the security of global information and telecommunication system International efforts to agree on a set of international norms, rules, and principles for responsible State behavior are still at an early stage. In this regard, Korea welcomes the 2013 GGE report (A/68/98), which made the following significant conclusions: International law, in particular the UN Charter, is applicable to cyberspace and is essential to maintaining peace and stability and promoting an open, secure, peaceful and accessible ICT environment. State sovereignty and international norms and principles that flow from sovereignty apply to state conduct of ICT related activities, and to the jurisdiction over ICT infrastructure within the territory. States must meet their international obligations regarding internationally wrongful acts attributable to them. States must not use proxies to commit internationally wrongful acts. States should seek to ensure that their territories are not used by non-state actors for unlawful use of ICTs. Building on this outcome, further deliberations and consultations among States are necessary to agree on how these principles can be applied to state behavior in cyberspace. 4
Additional norms, if needed, can be developed over time. At this point, the UN GGE could first identify the relevant norms and principles in existing international law, especially the UN Charter, which can be applied to cyberspace. Ⅳ. Possible measures that could be taken by the international community to strengthen information security at the global level The development and spread of sophisticated malicious ICT tools may increase the risk of mistaken attribution and unintended escalation. Against this backdrop, given that the international community has yet to agree on a set of norms and principles governing state behavior in cyberspace, it is important to establish measures to build confidence in the meantime, which will increase predictability and reduce misperception, to help reduce the risk of conflict. In this context, Korea greatly appreciates the efforts made at the bilateral and regional levels to agree on a set of measures to build confidence in cyberspace. In particular, bilateral confidence building measures agreed between major cyber countries and regional measures agreed at the ARF and OSCE will help to promote trust and assurance in cyberspace across the world. The GGE can continue to explore ways to build on those measures. In this regard, Korea is of the view that States can pursue the following measures to build confidence in cyberspace. Publish white papers or exchange information on national strategies, laws and organizational structures related to cyber security on a bilateral, regional and multilateral basis. Periodic reporting on States efforts to enhance cyber security by relevant international organizations. 5
Set up bilateral, regional, and multilateral consultations with the purpose of building confidence among the range of stakeholders. Hold meetings, workshops and seminars on specific areas on cyber security, such as incident response, cyber defense, and cybercrime, among relevant stakeholders, including policymakers, Computer Emergency Response Teams (CERT), law enforcement agencies, private sector and civil society. Strengthen cooperative mechanism between relevant agencies of States, especially CERT and law enforcement, to address ICT security incidents in a timely and effective manner. Exchange information on points of contacts for timely response, recovery and mitigation actions in responding to incidents Strengthen mechanisms for cooperation between law enforcement agencies. Conduct periodic tabletop exercises for policymakers and experts to understand how ICT security incidents arise and ways to address them. Pursue exchange of personnel in areas such as incident response and law enforcement. Set up a hot-line between high-level officials to address serious ICT security incidents as well as a protocol on response to prevent escalation. As indicated in previous GGE reports, capacity-building is an important element in ensuring global cooperation on overall cyber security. In this regard, the Korean Government, in cooperation with other international organizations including, but not limited to, the World Bank and Inter-America Development Bank, will set up a Global Cyber security Center for Development (GCCD) in Korea in 2015. The Center will be tasked with promoting cyber 6
security and other information protection in developing nations. All in all, efforts to build capacity in developing countries will pave the way for bridging the digital divide across the globe. /END/ 7