Officials at the National Intelligence Service (NIS)’s cyber terror response center monitor computer traffic at the agency’s headquarters in Seoul. |
By Kim Tong-hyung
Staff Reporter
The powerful Internet attack that recently crippled scores of South Korean computers in homes and offices may have been the best thing to ever happen to security equipment firms.
As companies and government organizations looking to up their guard against possible online assaults in the future, computer networking firms such as Nowcom, Cisco Korea, Arbor Networks and Radware Korea are finding a quickly-expanding market for their distributed denial of service (DDoS) defense solutions.
A DDoS attack occurs when multiple systems are flooded with traffic that overwhelms the bandwidth or resources of targeted systems. The recent cyber attacks affected nearly 80,000 computers in Korea, while also hurting the United States and China to a lesser degree.
These companies saw a sudden jump in their security equipment sales from July 7-10, when the DDoS attacks peaked, as Web sites scrambled to cope with the bombardment of traffic.
Nowcom benefited most, as the company said it sold more than 30 units of its anti-DDoS equipment, priced at 200 million won (about $160,000) apiece.
Cisco and Radware fielded increasing queries about their security equipment and also their network access control (NAC) solutions, which provide one-point controls for anti-virus programs, intrusion prevention and vulnerability assessment.
The Web site disruptions have since been abated, but the companies are likely to continue to see growing demand for their products and services as the government looks to spend a massive amount of taxpayer money to improve DDoS defense at public organizations.
Obviously, the biggest prize is winning contracts to participate in the Ministry of Public Administration and Security's ``DDoS Response System'' project, for which the Public Procurement Service recently issued orders.
To enable the latest equipment and solutions to reach public clients more quickly, the National Intelligence Service (NIS) has recently eased the regulatory requirements, allowing companies to provide the products before gaining Common Criteria (CC) certification for information technology security, an international standard for computer security certification.
Instead, the NIS is providing a simplified approval process through its IT Security Certification Center.
``The government has been eager to enable the quicker distribution of online security and traffic control equipment, saying it will spend 20 billion won to improve the security equipment at public organizations,'' said an industry official.
``Simplifying the reviewing process was a natural conclusion, and this will be a boon for companies like Nowcom.''
Currently, Nowcom, Cisco, Arbor Networks, Radware and LG CNS, the information technology services arm of LG Group, are among the companies that have applied for NIS approval to provide their products to public organizations.
Nowcom is hoping to sell its latest anti-DDoS equipment, Sniper DDX 5000 and also the Sniper DDX-5P v5.0, a comprehensive solution that combines intrusion detection sensors, block modules and control processors.
The company already provides the earlier versions of these products, Sniper DDX 2000 and Sniper DDX 4000, to public organizations after gaining NIS approval.
Arbor Networks has applied for approval on its Peak Flow anti-DDoS solutions and Cisco has submitted for review its ``Guard & Detector'' network security solutions.
LG CNS, whose Safezone XDDoS security equipment is currently being reviewed for CC certification, is also expected to apply for NIS approval for the product.
Although equipment firms are clearly benefiting from the recent Internet security crisis, critics are skeptical whether machinery will be enough to cope with cyber attacks that are becoming more sophisticated and diversified in methods and patterns. After all, it was equipment designed by these same companies that was breached by the current attacks.
Improved hardware and software can only make so much difference when the manpower is drained, as government organizations and companies continue to show reluctance to hire more security personnel.
According to the Administration Ministry's report earlier this year, the surveyed 695 government organizations hired an average of 0.7 security experts, with nearly 68 percent of them employing none.
Even the state-run Korea Information Security Agency (KISA), which stands at the frontline of the country's cyber warfare, has only 40 employees dedicated to researching hacking prevention solutions and monitoring abnormal traffic.
``The cyber attacks of today can't just be stopped by certain devices or equipment, but needs to be responded with better services and management,'' said Phillip Kim, the chief executive of security software maker AhnLab.
thkim@koreatimes.co.kr
|
한국과 일본 국가부도위험 비슷해졌다
