Remarks
by H.E. Mr. Ahn Chong-ghee
Vice Minister of Foreign Affairs
Republic of Korea

Inter-Regional Conference on Cyber/ICT Security
4 April 2017

Ambassador Bertagnoli(베르타뇰리),
Director Ostrauskaite(오스트라우스카이테),
Excellencies,
Distinguished Guests,

First of all, I would like to welcome all of you to the Inter-Regional Conference on Cyber/ICT Security. My special thanks go to all those who have traveled great distances to attend this meaningful event.

I am particularly honored today to kick off this conference on behalf of my government, as the host country. To my knowledge, it is the very first occasion for the OSCE to have an inter-regional dialogue with Asia exclusively on this important issue of cyber security.

This conference is also a symbol of the deepened cooperation between Korea and the OSCE. Korea became an Asian Partner for Cooperation in 1994. I am pleased to see our cooperation further expand to explore new horizon issues such as cyber security.

Ladies and Gentlemen,

As the advance of information technology has presented us a new domain of boundless opportunities, it also brought the unprecedented challenges with them. The stakes are even higher as the Fourth Industrial Revolution unfolds. Therefore, cyber security, roughly defined as the protection of systems, networks, and data in cyberspace, is now a vital issue for all.

Cyberspace has become a new chess board for major powers vying for greater influence. Miscalculations and misperceptions in cyberspace can escalate physical conflicts. Furthermore, recent cyber attacks are moving beyond hacking of individuals or businesses - they are targeting national critical infrastructures. It is a nightmare scenario if global terrorist groups such as ISIS carry out malicious attacks on systems of nuclear power plants.

Asia is not immune to this emerging threat. On the contrary, with greater connectivity, Asian countries are more vulnerable to cyber attacks. According to a report by a US cyber security firm, FireEye , Asian companies are 80% more likely to be targeted by hackers than companies in other parts of the world.

Given this, cyber threats cannot be dealt with single-handedly. Regional, and international cooperation is of utmost importance for open and secure cyberspace. This is precisely the reason why we are gathered here in Seoul today. I am confident that this conference will lay a foundation for the further cooperation between the OSCE and the Asian group in cyber domain.

Ladies and Gentlemen,

In response to the looming cyber threats, I would like to reiterate the importance of the following four key elements that the international community should focus on if we are to ensure a secure cyberspace: (1) inter-state partnership; (2) confidence building; (3) capacity building; and (4) norms development. Rest assured, these elements are all included in the agenda of the conference.

First and foremost, we need to establish strong and effective partnership to respond to malicious trans-border activities in cyberspace. Considering the volatile nature of digital evidence, a timely response is critical in addressing cyber attacks. In this respect, it is important to swiftly exchange relevant information on cyber threats. Also, enhancing cooperation among law enforcement agencies is crucial. In so doing, we will be able to send a strong message to perpetrators, that they will be eventually held accountable for their wrongdoings.

Second, we should develop confidence building measures, which can further enhance transparency and mutual understanding among nations. Due to the unique nature of cyberspace, States can misunderstand the origin of cyber attacks or misperceive other parties’ intentions. Such miscalculation, especially when combined with mistrust of other parties, can escalate tension between States. Cyber confidence building measures, which enhance transparency and predictability, are therefore an essential element for national security.

In this regard, the OSCE is playing a pioneering role. The OSCE has adopted two sets of confidence building measures (CBMs) - in 2013 and 2016 - and these are the first CBMs agreed upon by a regional organization with such vast membership.

Asia also has been keen on developing regional cyber CBMs. One of the achievements is the adoption of the 「ARF Work Plan on Security of and in the Use of ICTs」 in 2015. I believe this conference will provide an excellent opportunity for the OSCE and Asian region to share our views and experience in building cyber CBMs.

Third, we should bridge the gap in cyber security capacity among countries. Many malicious actors in cyberspace tend to take advantage of weak links within the global cyber ecosystem. In other words, States with low cyber security capacity are often targeted or used as a transit route. It is important for technologically advanced states to invest more on states with limited cyber capability.

Last but not least, it is crucial that we step up our efforts to develop and promote international norms applicable to cyberspace. Without an agreed set of norms governing cyberspace, it is difficult to jointly investigate cyber incidents or protect critical infrastructure. Currently, in-depth discussions are under way in the UN Group of Governmental Experts on Information Security(GGE). In this regard, I would like to acknowledge Mr. Karsten Geier, the chairman of UN GGE, and other GGE members who joined us today.

Ladies and Gentlemen,

Bearing in mind these four key elements, the Korean Government is beefing up its efforts to tackle cyber threats at the bilateral, trilateral and global level. Korea has been holding bilateral cyber policy consultations with 10 countries including the United States, China, and Japan, and two international organizations, the EU and NATO. Moreover, we have trilateral consultations with Japan and China, to share information on cyber threats and enhance cooperation among law enforcement agencies.

On a global level, Korea played a leading role by successfully hosting the 2013 「Seoul Conference on Cyberspace」 and producing the 「Seoul Framework for and Commitment to Open and Secure Cyberspace」. Korea also facilitated the international cooperation in cyber capacity building by incorporating it into the conference agenda. Taking this initiative a step further, Korea launched Cybersecurity Alliance for Mutual Progress(CAMP) in 2016, which is a capacity building partnership of 49 agencies in 37 countries, to share expertise and experience.

In the same vein, Korea is contributing to the global efforts in creating international norms of cyberspace, having participated in four rounds of the UN GGE, including the current 2016-17 discussions. And we are committed to taking part in further discussions on this issue.

Ladies and Gentlemen,

This conference cannot be more timely and pertinent as we are witnessing the emerging cyber threats from North Korea.

It is estimated that North Korea ranks 8th for its cyber offensive capability in the world . Along with its weapons of mass destruction - development of nuclear and chemical weapons and their means of delivery - North Korea is also advancing its own “weapons of mass disruption.”

As seen in its hacking of Korea Hydro & Nuclear Power Company in 2014, North Korea continues to carry out malicious cyber attacks against our critical infrastructure such as government agencies, media, and financial institutions. Moreover, the cyber attack on Sony Pictures Entertainment in 2014 demonstrates that its cyber threat is now of global concern.

More importantly, North Korea is trying to use its illicit cyber activities to bypass the tightened sanctions and bring in cash to finance WMD development. It is believed that North Korean hackers were behind the bank heist of 81 million US dollars from the Central Bank of Bangladesh in February 2016. And the network of its IT workers abroad is being utilized for financing Pyongyang’s WMD program.

With the toughest yet international sanctions regime in place, North Korea might become more dependent on illicit activities including cybercrimes to generate income. Now is the time for the international community to act in unison in responding to North Korea’s cyber threats and efforts to dodge sanctions. In this regard, I call upon the OSCE and ARF member countries to take active measures and exercise vigilance.

For instance, the Korean Interdiction and Modernization of Sanctions Act (H.R. 1644), recently passed by the Foreign Affairs Committee of the US House of Representatives, includes provisions on North Korea’s illicit activities to earn revenues on cyberspace. This clearly demonstrates the gravity of the growing threats posed by North Korea.

Against this backdrop, I very much hope this conference can also raise the awareness of the international community on North Korea’s grave cyber threats and pave the way for the international cooperation in countering them.

Furthermore, North Korea’s cyber threat is only a part of its asymmetric capabilities. On numerous occasions, the North has publicly announced that it will continue to strengthen its nuclear and missile capabilities. At the moment, we are monitoring carefully as Pyongyang is highly likely to conduct further provocations. As such, we are confident that the OSCE partners will continue to convey a stern message of warning to North Korea in one voice.

Ladies and Gentlemen,

When it comes to cyber security, we are all in it together, because an attack on one network is bound to upset the whole system. Cyberspace, open and trans-boundary, is indivisible in nature. It is for these reasons that the different regions need to work together in responding to mounting challenges.

As Henry Ford famously puts it, “Coming together is the beginning. Keeping together is progress. Working together is success”. The opening of the conference is therefore only the beginning, and I hope we can make a progress and success by keeping and working together.

And, I am certain that this conference will serve as an important stepping stone for close cooperation among actors, nations and regions by cultivating the mutual understanding and encouraging dynamic exchange of ideas.

As we strive together to keep the momentum in these crucial efforts, Korea, for its part, will continue to play a bridging role between the OSCE and the Asian region as we join hands for cooperation in cyber security. Thank you. /END/