[Asia Economy Reporter Kwangho Lee] Amid ongoing hacking attempts targeting Korea Hydro & Nuclear Power (KHNP), concerns have been raised about the shortage of cybersecurity personnel responsible for handling these threats.
On the 6th, Yang Jeong-suk, an independent member of the National Assembly’s Science, Technology, Information and Broadcasting Communications Committee, analyzed data submitted by KHNP and the Korea Institute of Nuclear Nonproliferation and Control (KINAC). The analysis revealed that over the past five years (2015?2020), a total of 527 hacking attempts were made against KHNP as of September this year.
During the same period, the most common type of hacking involved unauthorized users accessing the website and deleting or altering data, accounting for 240 cases. This was followed by 193 cases of malware attacks?programs maliciously designed to harm users?and 40 cases of denial-of-service attacks, commonly known as DDoS attacks.
Additionally, hacking attempts have increasingly diversified, including methods such as data destruction, leakage, and abnormal usage.
Regarding the origin of cyberattacks during the same period, the highest number of hacking attempts, 205 cases, originated domestically, followed by 100 cases from China, 90 from Europe, and 88 from the United States.
Despite the continuous hacking attempts, the number of cybersecurity personnel within KHNP currently stands at 85, having increased by only two over the past three years.
Furthermore, the Korea Institute of Nuclear Nonproliferation and Control, the dedicated agency responsible for enforcing cybersecurity regulations at domestic nuclear facilities, employs a total of 14 cybersecurity personnel who oversee 30 nuclear facilities nationwide.
Internationally, the ratio of nuclear facilities per cybersecurity staff member is 1.0 in Japan, 1.7 in the United States, 0.6 in France, and 1.1 in the United Kingdom. In contrast, South Korea’s ratio is 2.2 facilities per person, highlighting a severe shortage of cybersecurity personnel.
Representative Yang stated, "Although hacking attempts have decreased compared to the past, cyberattacks targeting KHNP, a critical national facility, continue every year. No one can guarantee that today’s safety will ensure tomorrow’s security just because no cyberattack has succeeded so far."
She added, "It is essential to prepare thoroughly to prevent situations where the barn is fixed only after the cow is lost, especially regarding the safety of nuclear power facilities. Rather than maintaining the current level of cybersecurity personnel at nuclear facilities, active support is needed to expand specialized personnel for strengthening security systems."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
