"Just Got Lucky This Time"
High Domestic AWS Dependence
Big Impact Expected If Incident Occurs
Redundancy Challenge Amid Cloud Expansion
"It was just luck."
This remark was made regarding the domestic market, which suffered relatively less damage from the Microsoft (MS) cloud service outage. However, it is pointed out that similar incidents can occur anytime as cloud dependency continues to grow, even though fewer places used the problematic program.
"South Korea is not a safe zone either"
According to the IT industry and foreign media on the 22nd, the direct cause of this incident was a program error from a U.S. cybersecurity company. CrowdStrike's security program 'Falcon Sensor' conflicted with MS's Windows system after an update. The extensive damage was due to the conflict occurring within MS cloud 'Azure.' Companies worldwide use the cloud to host core systems and software (SW). When the cloud encountered a problem, the interconnected systems and services were paralyzed.
The fact that the cloud environment and security program were the root causes means South Korea is not a safe zone either. It was only that fewer companies used MS Azure and CrowdStrike; similar issues can occur with other cloud services at any time. Professor Kwak Jin from Ajou University's Department of Cybersecurity diagnosed, "It seems the update measures were insufficient, but no matter how well quality checks are done, conflicts can occur when running on the actual operating system (OS)."
In particular, South Korea has a high dependency on Amazon Web Services (AWS), the world's number one cloud provider, so if an incident occurs, the impact can be significant. According to the Ministry of Science and ICT, the platforms used by domestic cloud-using companies (multiple responses allowed) are AWS 60.2%, MS 24.0%, and Google 19.9% in order.
In fact, AWS caused problems in 2018 due to some Domain Name System (DNS) configuration errors. At that time, websites and services of domestic companies such as Coupang, Baedal Minjok, Eastar Jet, and Yanolja went down. In 2021, AWS outages caused system failures for domestic game companies’ titles like 'Cookie Run Kingdom.'
Using domestic solutions does not guarantee protection from damage either. Just two years ago, a domestic security solution, ESTsecurity's 'ALYac,' caused an incident that attacked Windows. As a result, 16 million PCs using ALYac went down, causing repeated outages.
Cloud is the trend... but only half have redundancy
Cloud-based services are expanding. The domestic cloud market is estimated to have exceeded 6 trillion won. As of 2022, it was 5.84 trillion won in scale, continuing double-digit growth annually. From a corporate perspective, using the cloud is more cost-effective than storing core systems and SW on individual devices. As the amount of data handled increases, clouds capable of processing it are gaining attention. Cloud providers are expanding related businesses by integrating generative artificial intelligence (AI) into the cloud.
The government is also moving in line with this trend. In particular, to promote the adoption of private cloud in the public sector, it introduced the Cloud Security Assurance Program (CSAP) grading system last year. Systems are classified into high, medium, and low grades, allowing foreign companies to participate in the 'low' grade. It is reported that AWS, MS, and Google have applied for CSAP certification and are undergoing review. The reason public institutions were not affected in the recent MS incident is that no foreign companies had passed CSAP so far, but lowering the entry barrier exposes public institutions to risks.
Although the cloud has become mainstream, there is still a long way to go for 'redundancy' to ensure system stability. In the MS incident, companies using multiple cloud systems such as the three major mobile carriers and Naver and Kakao were not affected. However, the proportion of domestic companies using two or more cloud services is 44.7%, less than half. Professor Kwak advised, "Security tends to receive attention only after incidents occur, but continuous investment is necessary," adding, "It is also important to train security experts and system operation professionals."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
