Korea status and future plan on spam & hacking complaints

1. Korea status and future plan on spam & hacking complaints August 30, 2001 Hostmaster@nic.or.kr Yong Wan Ju Korea Network Information Center

2. Overview • Discussion Point • Related KRNIC Activities • Korea Government Activities • Points of Issue • Countermeasures • Any Questions ? • Reference Site

3. Discussion Point • How to guide complaint mails on spam & Hacking as National Internet Registry ? Int’l Internet Users APNIC KRNIC Domestic Internet Users APNIC Whois KRNIC Whois Supply Whois information Members Members Path of Whois query

4. Related KRNIC Activities • Through cooperation with APNIC • Actualized APNIC Whois database • Deleted wrong Whois information • Modified incorrect Whois information <The status of complaint mails before and after APNIC Whois DB update>

5. Related KRNIC Activities • Through cooperation with KRNIC Member ISPs • Held a conference on KRNIC Whois DB actualization • Designated the staff of each ISP in charge of spam & hacking complaint mails <The status of designation on the responsible staff>

6. Korea Government Activities(1) • KISA (Korea Information Security Agency) • Response hacking and virus incidents • Research information security related laws and regulations • Develop system and network security technology • Provide information security education program MIC KISA CERTCC-KR Cyber118 CyberPrivacy Hacking and Virus International Hacking and Virus Domestic Spam

7. Korea Government Activities(2) • CERTCC-KR (Korea Computer Emergency Response Team Coordination Center) • National Incident Response Coordination Center • To coordinate the handling of computer security incidents • To help prevent computer security incidents • To provide a single trusted point of contact for international computer security incidents • Cyber118 • Domestic Incident Response Coordination Center • Information Desk • Cyberprivacy • Personal Data Protection Center

8. Points of Issue • Difficulty of Whois information actualization • Cognition deficiency of hierarchical Whois DB operation • Deficiency of Uniform actions at ISP & governmental level • Non healthy usage culture of Internet users • Deficiency of security consciousness of each system operators

9. Technical Side Legal Side Cultural Side Network & System Operator Government ISP Internet Users Countermeasures - Overview Establish Ideal Internet culture 2 1 Supply correct Whois Information

10. Countermeasures - 1 • KRNIC • With APNIC • Discuss insertion of “responsible person object on spam & hacking complaints” on APNIC Whois DB • With KRNIC Member ISPs • Actualize KRNIC Whois information on ISPs’ assignments periodically under the cooperation with ISPs • Designate responsible person on spam & hacking complaints of each KRNIC member ISP • Guide how to use Whois DB to Internet users • With Korea Government • Inform present status on spam & hacking complaints and request to make relevant regulations

11. Countermeasures - 2 • Legal Side • Government : set up Spamming & Hacking regulations • ISPs : set forth relevant “article of treaty” for Internet usage • Technical Side • ISPs : implement detection system against Spam & Hacking and take technically relevant actions • Users : enhance security system on inbound & outbound • Cultural Side • APNIC : inform related resolution procedure in A·P region • KRNIC : inform related resolution procedure in Korea • ISPs : Guide good consciousness on Internet usage • Users : enhance good consciousness on Internet usage

12. Any Questions ?

13. Reference Site • http://www.mic.go.kr • http://www.kcc.go.kr • http://www.kisa.or.kr • http://www.certcc.or.kr • http://www.cyber118.or.kr • http://www.cyberprivacy.or.kr • http://www.krnic.or.kr • http://ipwhois.nic.or.kr • http://www.apnic.net