► Due to a fire in its data center on October 15, KakaoTalk, the messaging app used by nearly all Korean citizens, and its related services, such as banking, were suspended, leading to extreme social turmoil. 

► In the wake of the Kakao incident, it is imperative to examine Korea's overall cybersecurity situation and prepare countermeasures.

► Cybersecurity systems must be comprehensive; security must be regarded as a promising industry; and response systems must be international in scope. 

Due to a fire in its data center on October 15, KakaoTalk, the messaging app used by nearly all Korean citizens, and its related services, such as banking, were suspended, leading to extreme social turmoil. This incident clearly underscores the security features of the digital era.

First of all, in a hyper-connected society where anyone can access any electronic device through the internet at any time, it is pointless to divide security into public and private domains and cyber and physical spaces. The Kakao incident shows how a fire in a private company can spread to cyberspace and then physical space. In addition, North Korea is taking any chance it gets to attack the weak points in Korean society through cyberattacks. As soon as the Kakao incident occurred, North Korea attempted to hack people by sending phishing emails impersonating Kakao. Moreover, there are several hidden security loopholes in Korea's extremely digitalized society. The issues with KakaoTalk would not have been exposed if the fire had not occurred. There are weaknesses that we have yet to identify, but there is also the hidden risk of hackers hiding in cyberspace just waiting for an opportunity to attack. Therefore, in the wake of the Kakao incident, it is imperative to examine Korea's overall cybersecurity situation and prepare countermeasures.

The global security environment is deteriorating. President Xi Jinping, who has succeeded in serving a third consecutive term, is expected to strengthen his country's offensive diplomacy to legitimatize his one-man long-term rule. Russia, which is bogged down in the war in Ukraine, is toying with the idea of nuclear weapons as a last resort to win the war. North Korea introduced the "Policy on Nuclear Forces" on September 8, threatening South Korea by stating the targets and conditions for a preemptive nuclear strike. These escalating traditional security threats are creating a more intense security environment in combination with cyberattacks, which are evolving due to the rapid development of technology.

Cyberattacks are a new offensive tool that differ from traditional force because they can be carried out in any location 24 hours a day and are done in stealth, making it difficult to attribute the source of the attack and retaliate. In short, cyberattacks are an advantageous tool for attackers. Nevertheless, cyberattacks are not taken seriously in Korean society. Existing tools are insufficient to respond to current cyber threats, Therefore, we are in need of a new response system. Cybersecurity systems must be comprehensive; security must be regarded as a promising industry; and response systems must be international in scope.

First, cyberattacks are characterized by their comprehensiveness as attackers can select targets and locations regardless of time or physical constraints. Therefore, countermeasures must be equally as comprehensive. Cyberattacks can range from petty crimes to attacks on national infrastructure, such as power and communications networks, as seen in the May 2021 attack on the Colonial Pipeline in the United States. They are also used as a tool of psychological warfare to spread disinformation with social bots using AI algorithms. In addition to its existing cyberattacks, North Korea has recently been focusing on cybercrime activities targeting foreign currency. One example is the WannaCry ransomware attack in 2017, which stole data from more than 230,000 computers in 150 countries and extorted money. In addition, North Korea is indiscriminately attacking ATM machines, cryptocurrency exchanges, online game money, and even central banks. Since the foreign currency obtained through these attacks is used to fund missile and nuclear tests, North Korea's cybercrimes are directly related to South Korea's security.

Cyberattack response systems must also be comprehensive and complex, encompassing the public and private sectors in the fields of security, crime, economy, and psychology. It is difficult to govern cyberspace with the current system, in which organizations and legislation are separated across different domains. In particular, the current response system, which is divided between the public sector (covered by the National Intelligence Service), the private sector (by the Ministry of Science and ICT), and the military (by the Ministry of National Defense), is not suitable for cyberspace, where rapid response is vital, due to limited cooperation between government agencies. Therefore, a more effective solution would be to enact separate laws governing cybersecurity and create a new cybersecurity organization, which would act as a control tower encompassing both the public and private sectors. Some have claimed that the National Intelligence Service (NIS) can act as a control tower, but due to the secretive nature of the organization, it would be unsuitable to deal with the private sector.

Because it is difficult to showcase the achievements of defense-oriented cybersecurity, it is likely to be neglected by top policymakers. Therefore, the Office of National Security must make cybersecurity a policy priority and continuously monitor its implementation. The organization and functions of existing cybersecurity organizations, such as the NIS, should also be strengthened as much as possible. Because the cyber sector relies on manpower and technology, from a long-term perspective, it is critical to establish a system for training technology professionals and to continue strengthening investment in this regard.

Second, although cyber security is primarily a security measure, it also needs to be recognized as a rapidly growing industry. The global market size of the cybersecurity industry reached USD 185 billion (approx. KRW 240 trillion) in 2021 and is expected to grow at an annual rate of 12% until 2030. However, in 2020, Korea's information security exports reached only KRW 145.6 billion, less than 0.1% of the global market. In 2021, big tech companies, such as Apple and Google, invested USD 2.4 billion (approx. KRW 3 trillion) in cybersecurity companies. In comparison, Korea's investments are so small that companies with less than KRW 5 billion in capital account for 93% of total investments. It is unfortunate that a country that has been the target of persistent cyberattacks from North Korea and boasts advanced ICT technology is neglecting the cybersecurity industry like this. Just as the Korean government has supported the defense industry for decades and defense exports have now become a major export industry, cybersecurity is now in need of intensive government support. Fortunately, the Yoon Suk Yeol administration has designated cybersecurity technology as a "future strategic technology" and increased the budget for research and development.

One country that has successfully nurtured the cyber field as both a security field and an industry is Israel. Israel, along with Silicon Valley and Washington D.C. in the United States, is considered one of the world's top three regions in cybersecurity technology. In 2021, 40% of global private investment in cybersecurity went to Israel, and in the same year, nearly one-third of the world's cybersecurity unicorns were based in Israel. None were based in Korea. Through intensive investment, including the government-led construction of the CyberSpark cyber innovation arena in the desert and the systematic development of human resources, Israel is positioning itself as a cyber powerhouse. Considering that both Israel and South Korea are facing grave security threats, Israel is a good model for Korea.

Third, in recent years, cybersecurity has emerged as a key issue in international relations. Because cyberattacks are often carried out through several countries or target multiple countries at once, cooperation between affected countries is vital. At the same time, cyber is also a space where there is pronounced conflict and confrontation between the U.S. and China surrounding technology competition as shown by U.S. sanctions on Huawei related to 5G. This contradicting policy directions of cooperation and conflict makes it much more difficult for Korea to make a strategic choice. However, cooperation with the West, including the United States, is critical in the sense that a free and open cyberspace is in line with Korea's interests and values. Korea should make every effort to maintain close cooperation with the West, including joint exercises and information sharing, and should expedite accession to the Budapest Convention on Cybercrime spearheaded by the West. Furthermore, to ensure that cybersecurity norms that are beneficial to Korea are created in the long term, Korea must actively participate in UN-centered discussions on cybersecurity norms.