[ISN] Korea to Fight Web Attacks From China

[InfoSec News]

http://times.hankooki.com/lpage/tech/200602/kt2006022817142511780.htm

By Kim Tae-gyu
Staff Reporter
02-28-2006 

To counter the problem of identity theft, the Korean government will 
block the backdoor Internet pathway from abroad, which were used to 
steal personal data by getting bypass links to the country's Internet 
network. 

The Ministry of Information and Communication Tuesday revealed steps 
aimed at controlling the nation's rampant personal data leakage to 
overseas countries, especially China. 

``Since last week, in collaboration with Internet service providers, 
we already intercepted 2,600 illegal IPs, which were found to be the 
main routes for penetrating the Korean network,'' Lee Sung-ok, 
director general at the ministry, said. 

Identity theft en masse surfaced last month after complaints piled up 
that hackers stole private data, including resident registration 
numbers, from Koreans in order to subscribe to ``Lineage,'' the 
popular online game. 

Chinese hackers are suspected of leading the cyber crimes via a bypass 
link based on unlawful IPs, an alternative path other than the 
legitimate, primary one. 

``In the future, we will continue to keep tabs on such illegal IPs 
geared toward breaking into the Korean network and stealing personal 
information,'' Lee said. 

Lee said the ministry will also urge local Internet firms to use an 
alternative system other then resident registration numbers, the 
Korean version of social security numbers, for signing up to Web 
sites. 

``Furthermore, we will recommend Web sites use cell phones as a 
certification method to deter illegal subscribers. They can require 
people to enter their mobile phone numbers together with resident 
numbers when signing up,'' Lee noted. 

``The site then will send certification figures via mobile handsets 
and users will be have to enter the multi-digit number on the Web site 
for user verification,'' he added. 

The Chinese government will be asked to delete the personal data of 
many Koreans in circulation in China's cyberspace, he said. 

To prevent the recurrence of massive personal data leakage, the 
ministry also unveiled a package of measures including propagation of 
security patches as well as firewalls. 

``Currently, the penetration rates of security patches stand at just 
38 percent. We will increase the figure 80 percent and mandate gaming 
companies to install Web firewalls,'' Lee said. 

Toward that end, the country's main portal and game sites will have to 
be equipped with programs that automatically install security patches 
on subscribers' computers. 

The ministry also looks to check the security of the country's 70,000 
most-visited Web sites every day to shield them from onslaughts by 
unscrupulous crackers.