Making Malware in 1 Minute with ChatGPT... Severe Shortage of Security Personnel in Korea

As artificial intelligence (AI) technology advances day by day, concerns about cybersecurity are growing due to its misuse in hacking. However, the domestic information security industry is struggling because there are not even enough people to work. While the demand has surged with the increasing importance of security, the supply has not kept pace. There are even calls to expand the introduction of foreign experts.

Recently, the U.S. ABC News reported concerns that AI could be exploited for crime, threatening national cybersecurity. ABC News stated that chatbots can generate and enhance computer malware, and analysis of unofficial hacking communities revealed documents showing actual attempts to do so. AI technology expert Ari Jacoby expressed concern, saying, "AI tools like ChatGPT could cause security problems." He explained, "ChatGPT can create malware development tools in less than a minute, which would take human hackers days or weeks to make, enabling attackers to deceive recipients into downloading malware or to compose large volumes of phishing emails." The Biden administration plans to strengthen national security strategies by countering cyberattacks using new technologies through public-private cooperation.

In South Korea, in January, hacking and system failures targeting domestic and foreign companies and academic institutions such as Microsoft (MS) and LG Uplus occurred consecutively. The Chinese hacking group 'Xiaoniqing' hacked the websites of 12 domestic academic institutions, including the Korea Construction Policy Institute, the Korean Language Society, and the Korean Archaeological Society. Xiaoniqing's hacking is analyzed as a retaliatory and demonstrative attack following tightened entry restrictions on Chinese nationals. This is because they did not demand monetary compensation from the victim institutions nor clearly state the reason for the hacking. However, such cyberattacks can lead to ransomware attacks that steal more sensitive information by distributing malware after stealing personal information such as email addresses of institution members.

On January 25, MS's cloud service 'Azure,' used by 15 million companies worldwide, was down for seven hours, and on the 29th of the same month, LG Uplus experienced two connection outages due to DDoS attacks. A DDoS attack is a cyberterrorism act that overloads servers by sending massive amounts of data. Stores using LG Uplus internet networks suffered damages such as temporary suspension of credit card payments and online work interruptions. On the 12th, President Yoon Suk-yeol emphasized at the "Energy Sector Cyberattack Response Posture Inspection Meeting by Institution" that "response postures must be thorough to prevent cyber threats to critical infrastructure such as finance and energy from escalating into security crises."

However, the industry is actually struggling, saying, "There are no workers." Lee Dong-beom, chairman of the Korea Information Security Industry Association (photo), told Asia Economy in a phone interview, "As the importance of cybersecurity grows and big tech companies expand their security organizations, a concentration of personnel has occurred." Mr. A, who runs a security company, said, "The security field has high work intensity and heavy responsibilities, but the treatment is poor," adding, "As a result, there is a shortage of personnel both qualitatively and quantitatively." He argued that the system should be changed and a framework established so that cyber monitoring personnel dispatched to public institutions can provide remote support. He said, "Employees of security monitoring companies defending public institution IT facilities work 24 hours in three shifts," adding, "The work intensity is high, so treatment should improve, but it is difficult because the government sets service rates." He continued, "It has become even harder to find workers as government agencies relocate to provinces," and insisted, "The system should be changed to allow remote support."

Dongbeom Lee, President of the Korea Information Security Industry Association

Lee Joong-yeon, CEO of KTNF, a native server development company, said, "I felt there is a limit to recruiting personnel," and introduced a self-help measure, saying, "We plan to build a mini data center inside the company and create a place for education," while requesting government support. Last month, Lee Young, Minister of SMEs and Startups, stated at a meeting with the security industry, "There is not even a compiled status of how much software personnel are lacking," and announced plans to calculate the required personnel in cooperation with the Ministry of Science and ICT and the Ministry of Employment and Labor.

In July last year, the government announced the 'Plan to Train 100,000 Cybersecurity Talents,' aiming to nurture 40,000 new personnel by 2026. However, this year's new cybersecurity personnel training projects by the Ministry of Science and ICT include ▲ elite expert training 'S Developer' course for 50 people (budget 1.4 billion KRW) ▲ introductory education White Hat School for 300 people (2.8 billion KRW) ▲ Security Academy for 100 people (1.2 billion KRW). Because of this, there are concerns that policies will not keep up with the direction or speed of the industry. Chairman Lee said, "We need to hire mercenaries who can immediately enter the cyber frontlines," and added, "It is time to start social discussions on large-scale introduction of foreign personnel." Seong Sang-yeop, chairman of the Korea Venture Business Association, also emphasized, "The criteria for issuing visas (E-7) to employ foreign experts should be lowered, and foreign employment should be made more flexible."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.