
“Apartment Wallpad Collapses Due to Basic Hacking Attack Techniques”

Article posted 2022.04.15 15:17





The 19th Hacking Security Seminar Held
We need to approach it from a zero trust perspective
Complete blocking is impossible… Minimizing damage is a priority

Cybersecurity threats are occurring regardless of whether the target is a corporation, government agency, or company, including the distribution of 170,000 photos taken through hacking of apartment wall pads and external access through the Atomic Energy Research Institute's VPN. Against this background, an event was held to examine cybersecurity vulnerabilities and suggest solutions.

The National Assembly 4th Industrial Revolution Forum and the Korea Hacking Security Association held the 19th Hacking Security Seminar at the National Assembly Members’ Hall on the 15th.

Professor Kwak Jin of Ajou University gave a presentation on the necessity and limitations of security in light of the Wallpad security incident that occurred last year, and emphasized the need for security from a 'zero trust perspective.'

The apartment wall pad attacks surfaced last October when hacked photos from the wall pads of 170,000 Korean apartments were leaked on a Hong Kong forum. The cyberattack occurred through a bulletin board on an apartment management website. The case brought home how serious the state of smart home wall pad security was, because the wall pads were hacked using a basic hacking attack technique called a 'web shell'.

A 'web shell' attack abuses a file upload function that does not verify the extension of the uploaded file in order to upload malware capable of remote code execution.
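The missing check described above can be sketched as follows. This is an added example, not code from the article or from any wall pad vendor; the allow-list, the script-extension list and the function name `validate_upload` are assumptions chosen for illustration.

```python
import os
import secrets

# Assumed allow-list for a bulletin-board attachment form: extension -> magic bytes.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}
# Extensions a web server may pass to an interpreter; refused anywhere in the name.
SCRIPT_EXTS = {"php", "phtml", "jsp", "jspx", "asp", "aspx", "cgi", "sh"}


def validate_upload(filename: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise ValueError."""
    if "\x00" in filename:
        raise ValueError("NUL byte in file name")
    # Discard any client-supplied directory part ("../../x", "C:\\www\\x").
    base = os.path.basename(filename.replace("\\", "/")).lower()
    parts = base.split(".")
    if len(parts) < 2 or not parts[0]:
        raise ValueError("file name has no extension")
    ext = "." + parts[-1]
    if ext not in ALLOWED:
        raise ValueError(f"extension {ext!r} is not allowed")
    # "shell.php.jpg": some server configurations act on an inner extension.
    if any(p in SCRIPT_EXTS for p in parts[1:-1]):
        raise ValueError("script extension inside file name")
    # The content must start with the signature of the claimed type.
    if not data.startswith(ALLOWED[ext]):
        raise ValueError("content does not match extension")
    # Never reuse the client's name; keep the directory non-executable as well.
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    # Constructed sample uploads.
    samples = [("photo.png", b"\x89PNG\r\n\x1a\n" + b"\0" * 16),
               ("shell.php", b"<?php /* constructed */ ?>"),
               ("shell.php.jpg", b"\xff\xd8\xff\xe0"),
               ("notice.jpg", b"<?php /* constructed */ ?>")]
    for name, body in samples:
        try:
            print(name, "->", validate_upload(name, body))
        except ValueError as err:
            print(name, "-> rejected:", err)
```

A signature check alone does not stop a file that begins with valid image bytes and carries script text after them, which is why the stored name is generated by the server and the upload directory should never be configured to execute scripts.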

The network structure of the wall pad consists of, from the top, △central management server △apartment complex server △public facility control server (parking lot, elevator, etc.) △apartment building gateway △household wall pad.

Wall pad data flows in the following order: △apartment complex server search △data transfer to the complex server △data transfer to the building gateway △device control from the wall pad.

The previous cyberattack originated from the central management server that searches for apartment complex servers and penetrated all the way to the last wall pad. It is assessed that this poses a risk that could even lead to a blackout.

As a countermeasure to the previous attack, there was talk of installing a firewall from the central management server to the wall pad to block attacks.

Professor Kwak Jin questioned this method. He said he wondered whether the apartment management office could afford the cost of installing a firewall and maintaining and managing it.

From July 2022, the ‘Instant Home Network Equipment Installation and Technology Standards’ will be revised. This is to prevent security accidents that may occur through the home network and to ensure stable operation of the network.

Professor Kwak said that this revised law is not 'mandatory' and that it is necessary to examine whether it is reasonable from the user's perspective to install authentication verification procedures such as smart banking on home networks.

He emphasized, “The approach that security is perfect just by introducing ‘network separation’ is dangerous,” and “We need security from a ‘zero trust perspective’ that trusts no one and grants authorization through thorough authentication and verification of all users.”

Not only households, but also government agencies and companies are suffering from cyber attacks.

Domestic ransomware damage reports increased by 76% in one year, from 127 cases in 2020 to 223 cases in 2021, and there was also a risk of core technology leaks at the Atomic Energy Research Institute, which was hacked through VPN. The National Intelligence Service announced that a total of 99 core technology leak attempts were detected between 2017 and February 2022, and the scale was in the 22 trillion won range. It is assessed that hacking attempts have also increased as non-face-to-face work has increased due to COVID-19.

Lee Moo-sung, CEO of MLSoft, said, “Network separation, which assumes ‘if something enters the network, I’ll trust it,’ is very dangerous in a hyper-connected society.” He explained, “Prohibiting ‘lateral movement,’ which allows movement between individual PCs, servers, or applications within the same network section or network, is the basis of zero trust.”

Both Professor Kwak and Representative Lee said it was impossible to completely block attacks. Instead, they agreed that the key is to respond quickly when an attack occurs to minimize damage, and that technology for quick recovery is also important.