Even South Korea’s largest protection corporations should not have ample cyber safety workforce in place, and their contractors exempt from authorities monitoring, leaving loopholes for cyber threats, Rep. Lim Jong-deuk stated Monday, citing Protection Acquisition Program Administration information.
In line with DAPA information submitted to Lim’s workplace, as of final yr, simply 0.6 % or 124 of 18,043 defense-related staff throughout 18 largest protection corporations in South Korea had been in control of cyber safety.
Extra troubling is the spike in leaks on the protection corporations’ contractors, which aren’t topic to authorities cyber safety surveys, seen thus far this yr.
From January to August 2024, 19 leaks had been reported at contractors working with protection corporations. This marks an increase from six studies of leak logged all through 2023. There have been 12 leaks reported in 2022, 16 in 2021, and three in 2020.
Cyber assaults account for the overwhelming majority of leak accidents, information confirmed. Out of the whole 56 reported leaks from 2020 till August, 37 had been attributable to cyber assaults.
The same rise in leaks from cyber assaults had been noticed at protection corporations this yr.
Over the primary months of 2024, 14 of the reported leaks had been on account of cyber assaults. By compaison, 4 of the reported leaks had been attributable to cyber assaults in 2023. Two leaks resulted from cyber assaults in 2022; 5 in 2021; and 4 in 2020.
Lim says intelligence authorities imagine North Korean hackers to be behind the cyber assaults concentrating on the South Korean protection trade.
“Whereas cyber assaults towards our protection trade have proven a worrying rise this yr, cyber safety workforce is surprisingly missing even on the largest protection corporations within the nation,” the lawmaker advised The Korea Herald.
He identified that below the federal government steering, cyber safety employment requirements are beneficial, not enforced.
“To assist corporations enhance their cyber safety posture, the federal government mustn’t solely require these requirements but in addition institutionalize help for corporations in constructing their very own safety techniques,” he stated.
Lim stated in contrast to protection corporations, that are surveyed by the federal government commonly, their contractors had been left within the blind spots.
DAPA information from the previous three years confirmed some protection trade leaks couldn’t be traced to their sources.
“Contractors nonetheless have entry to delicate information. Leaving them out of presidency monitoring might go away loopholes for North Korean hackers to use,” the lawmaker stated.