<em>Ministry of Science and ICT</em> Urges Strengthening Public-Private Cooperation for Ransomware Response

Ministry of Science and ICT Holds Ransomware Response Information Security Chief Officer (CISO) Meeting

[Asia Economy Reporter Eunmo Koo] The government has called for public-private cooperation to strengthen ransomware response measures.

On the 11th, the Ministry of Science and ICT held a 'Chief Information Security Officer (CISO) Meeting for Strengthening Ransomware Response' chaired by Second Vice Minister Kyung-sik Cho.

This meeting was convened urgently to inspect the current response status targeting major companies due to the recent increase in ransomware damage incidents affecting domestic and international companies. It also aimed to share recent ransomware cyber threat trends, gather opinions on difficulties and suggestions from companies related to cyber threats, and discuss public-private cooperative response measures to minimize ransomware damage.

Second Vice Minister Kyung-sik Cho of the Ministry of Science and ICT stated, “Unlike other cyber threats, ransomware causes fatal damage as recovery is virtually impossible. We ask for efforts and cooperation to further strengthen information security centered on companies' CISOs.” He added, “The Ministry of Science and ICT will also prepare and promote ransomware response enhancement measures together with related ministries based on the various opinions discussed at the meeting.”

Looking at recent ransomware cyber threat trends, the targets have expanded from primarily individual PCs to large-scale attacks on companies and social infrastructure where monetary demands and profit-making means are easier. Initially, ransomware demanded money through data encryption, but it has evolved to increase negotiation leverage by threatening additional attacks such as data leaks of personal information on the dark web and Distributed Denial of Service (DDoS) attacks.

Furthermore, recently, Ransomware as a Service (RaaS) has emerged, allowing ransomware attacks without specialized hacking knowledge as long as payment is made. The anonymity guaranteed by the dark web and the activation of virtual asset markets, which are useful for money laundering, are also analyzed as major factors increasing ransomware and other cyber threats.

Examining recent global ransomware damage status, the number of cases increased by 62% from 190 million in 2019 to 300 million last year. Domestically, ransomware attacks have caused operational paralysis of delivery service stores, system paralysis of automobile parts manufacturers, and recently, a sharp increase in ransomware incidents targeting medical institutions. Damage cases, which were 39 in 2019, surged by 325% to 127 last year, and 65 cases have been reported as of the 4th of this year.

So far, the Ministry of Science and ICT has made various efforts to minimize ransomware infection damage, including issuing ransomware warnings to companies and the public and organizing and operating ransomware response support teams. Going forward, tailored security consulting and solution adoption support, as well as website vulnerability inspections and measures, will be conducted mainly for ICT small and medium-sized enterprises with limited security investment capacity. Cyber crisis response drills simulating real situations, such as phishing email and DDoS mock drills, are also planned.