But there is one catch here.
Since the mid-2000s, most communications/web security in Korea has been implemented through closed network security, also known as air-gapped networks.
What is this?
To put it simply, the business computers of the company/institution where the security is provided are systems that are connected to an intranet, not the Internet.
This is a system that cannot be accessed from the outside in any way other than physically working on site.
Most notably, it was known to the public during the martial law civil war that the National Election Commission was using this system.
Since this system is almost a physical security policy, it only prevents intruders from entering the building.
It has been a security powerhouse in its own right as it is a system that is virtually impossible to hack unless data is stolen by an insider.
Then…
At this point, you make an inevitable but fatal choice.
This is the beginning of working from home.
In the process, we had no choice but to connect the intranets of each company and organization to the Internet.
At this point, the hacking highway opens.
The problem was that because security was close to physical isolation, existing online security was very lagging.
Now that the access road has been cleared, online security updates should have been done on a large scale like other countries.
If you’re not doing this properly, you’re screwing up like this.
In addition, due to the “closed network security” policy that was first explained in Korea, there is a shortage of online security solution companies and talent.
This is at a level where not only private companies but also public institutions must entrust security to foreign companies.
This is a no-brainer here, but we decided that the security of the national infrastructure network could not be entrusted to a foreign company.
I’m guessing that they may have left it to a domestic company with relatively less skills and experience and been robbed like this.
And the reason why hacking from several months ago is only now coming to light
Now, in the process of hastily updating online security, I think we are finally becoming aware of hacking damage that we didn’t even know existed before.
Actually, I’m not sure which is worse;;;;;;
However, this does not mean that the National Election Commission mentioned above was exposed to hacking.
As everyone knows, the National Election Commission is an organization that does not hold elections every year or every month, so there is no reason to work from home through the intranet.
So, after several verifications, it was revealed that the National Election Commission intranet had never been connected to the outside world.
Of course, it has already been proven several times that there was no hacking.
Places that have been steadily updating their online security have maintained their security without investing additional money.
Places that operated such closed network security were in need of major upgrades by investing quite a lot of money.
There’s no way these bastards would invest a lot of money in security that doesn’t seem to be directly related to immediate profits…
3 line summary
1. Korea is a country that has maintained its security well through closed network security.
2. However, at the time of the onset of COVID-19, a closed network was connected to allow working from home.
3. They should have invested in building large-scale online security afterwards, but they did not know (or responded late).
-Kkeut-