Professor Kim Seong-hoon : Expert in Cybercrime
Let's learn more about cybercrime
Reporter Lee Se-mok
churrasco23@naver.com
These days technology is a major part of everyday life, but as technology has developed, there has also been an increase in the number of cybercrimes being committed. The internet is flooded with articles about damaging cases of cybercrime and it is still a topic that people are paying attention to. Moreover, cybercriminals are becoming smarter and are constantly coming up with new methods to attack unsuspecting victims. Based on this increasing trend, the Woesong Times discussed the issue with Professor Kim Seong-hoon from the Department of Cyber Security & Police to hear about how one can safely navigate through the world wide web.
Q1. Could you please introduce yourself?
A Hello everyone, my name is Kim Seong-hoon and I teach students police-related subjects in the Department of Cyber Security & Police. I have served as the chief of front line police, director of the investigation and security unit and it is a pleasure to meet you all.
Q2. What kinds of subject do students learn in the Dept. of Cyber Security & Police?
A The Dept. of Cyber Security & Police is one that combines information security and police administration education. We run an information protection curricula such as cryptography, systems security, network security, simulated hacking, and security control practice training. Moreover, we also run courses on police science, criminal law, criminal procedure law, police investigation, and constitution, hoping that our students become great police officers in the future. Through these kinds of curricula, we hope our students become experts in cybersecurity and investigation.
Q3. What was the most interesting case during your service?
A My most interesting case happened in 2017. An old lady who lived in an apartment was deceived by a voice phishing criminal who impersonated a financial supervisory service employee. She only realized that she had been deceived after handing over fifty million KRW to the criminal. The family was shocked and asked for help from our cyber investigation team. We rapidly looked at the CCTV near the bank and traced the criminal phone. Fortunately, we were able to catch the criminal and return the money to the lady's family. I remember they were so appreciative that they all cried a lot and this is one of my most memorable cases during my service.
Q4. What kinds of cybercrime are there?
A Cybercrime can be divided into general cybercrime and cyberterrorism, depending on the purpose of the crime. General cybercrime is considered as crime that happens in cyberspace such as personal information infringement, cyberstalking, and cyber sexual violence. On the other hand, cyberterrorism attacks information and communication networks with advanced technical skills. Hacking and malicious programs are related to cyberterrorism.
Q5. Through what channels are cybercrimes mainly discovered?
A Recently cybercrime has not appeared on surface websites such as Naver or Daum which anybody can access easily. Instead, it now appears in a secured network that can be accessed only by special routs through the 'Dark web'. Cybercrimes such as hacking, illegal pornography, sexual exploitation, and drug or weapon transactions have been discovered recently on the Dark web. This kind of phenomenon is happening because the Dark web guarantees anonymity and it is being used increasing rapidly in our daily lives.
Q6. Cybercrime is increasing day by day as technology advances, is there a way to prevent these crimes?
A The first step to avoid these kinds of cybercrime is to not download any unknown programs which are attached to your messages or other websites. The second step is to upgrade and update your vaccine application regularly. Through this process, you can avoid most of the viruses that can be planted on your computer or phone. The third step is to change your passwords regularly and strengthen your passwords by making them longer than eight digits and including a special character. This may seem very obvious, but many people do not change their passwords often. The fourth step is to save all of your important data on to a hard disk or portable USB. If you are involved in a cyber-attack, this process will help you keep your important data. Last but not least, there are many cyber criminals impersonating financial supervisory services and the police. Official employees will never ask you to withdraw or send money to them, so if you hear people asking you to send money you should never send it to them. If someone makes these kinds of demands, they are almost certainly a criminal and after you end the call you should go to a nearby police station or call 112 and inform the authorities about it.
Q7. What is the wisest way to deal with cybercrime when it comes to damage?
A If you become a victim of cybercrime, you should first get your phone record and any evidence of loss/damage. Once you have all the information, go to the nearest police station or contact the cybercrime report counseling office and inform them about the situation you are in. You can also receive PC remote inspection and technical counseling from the Korean Internet & Security Agency.
Q8. What makes it difficult to respond to cybercrime?
A Recently, cybercrimes have become more intelligent and complicated these days. If you look at the trend of cybercrimes so far you can see that the cyber criminals are changing their methods at the same rate as the development of science and technology. They either refine their current methods or create completely new methods never seen before. Due to these constant changes, cybercrime is becoming more and more difficult to prevent and respond to.
Q9. Due to the anonymity of the cyber world, cybercrimes have been appearing more recently on YouTube and across the metaverse. What kinds of punishment are there for these types of crime?
A According to the national police agency, in 2019, 2600 cases of cyber sexual violence were reported. However in 2021, 4300 cases of cyber sexual violence were reported, which is an increase of more than 60% in just two years. Recently, among the cases of cyber sexual violence, new types of cybercrime in the metaverse and virtual YouTube characters have been created. The development of new technology is also reflected in the development of cybercrime. Under the current law, sexual harassment and sexual violence on the metaverse can be punished by a fine of up to 20 million KRW or a custodial sentence of up to two years. Moreover the act of distributing sexually explicit material by virtual YouTuber is open to punishment according to the use of communication media and pornography. Criminals who commit these kinds of crime can be punished with a prison term or a fine of up to 10 million KRW. Cybercrimes are happening generally in places where anonymity is guaranteed, but there is always a way to identify the criminals.
Q10. Are there any cyberterrorism cases that made you interested?
A One of the most interesting cases happened on March 20, 2013. The computer networks of famous TV stations in Korea such as 'KBS', 'MBC', and 'YTN' were paralyzed by a cyberterror. Through this, the broadcasters were unable to connect to their employees' PCs and internal computer networks for a while. This caused a huge setback in their broadcast production. Employees were running around carrying paper and reporters who were in the field sent text messages instead of doing their original process. They couldn't send articles online and search for fax machines to send their work back to the station. At the same time problems began to happen in the servers of Korean banks. All computers in Shinhan Bank were paralyzed and transactions through ATM services were suspended. The NH Bank also had problems with its servers and blocked all transactions on the computer network and ATM services. People were having many problems with bank transactions for two to three hours and they started to complain to the banks' customer center. On that day about 32,000 PCs owned by six companies including 'KBS', 'MBC', and 'YTN' caused a temporary malfunction with heavy damage. Moreover, more than 16,000 ATM devices were damaged as well as their web servers. The broadcast data and bank data stored on the PC were erased and took about a month for all these systems to be restored to normal. According to the research results of the KAIST Graduate School of Information Security, the damages in system recovery costs and lost revenue were close to 136 billion KRW.
Q11. Is there anything you want to say to students who are interested in the Department of Cyber Security & Police or students who are currently in school?
A Through the development of information technology, cybercrime is becoming more intelligent and advanced. Many new methods of cybercrime have been developed recently and in order to respond, we have no choice but to secure experts in investigation. To respond effectively to cybercrime, the police agency is expanding the hiring rate of professional cyber investigators every year. Based on the increase in cybercrime, the outlook for the Department of Cyber Security & Police is very bright. We are waiting for interested students who are willing to respond to various cybercrimes that threaten our daily lives and national security. Thank you.