Through artificial intelligence (AI), cooperative investigation, and damage recovery technology, a strategy has been announced to prevent ransomware that evolves day by day and to deal with the damage.

The Ministry of Science and ICT and the Korea Internet & Security Agency held the “1st Ransomware Regency Conference” at Yangjae L Tower on the 20th to strengthen ransomware response and recovery capabilities through industry, academia, and research information sharing. At the event, the Ministry of Science and Technology introduced technology trends for the defense of ransomware attacks and announced the current status of ransomware accident response. It also introduced ransomware recovery technology.

Ransomware Regency is the ability to recover quickly when damaged by ransomware, and is the ability to prevent, detect, respond, recover, and analyze threats.

In the technology trend, the Ministry of Science and Technology presented a technology that detects and blocks ransomware attacks using malicious code by analyzing computer activities with artificial intelligence (AI) technology at all times. It is the latest defense technology that autonomously learns log files, file access records, and monitors attacks through bait files. A bait file is a file created in a virtual environment for ransomware detection and is used to attract attackers.

Regarding the response to the accident, the Ministry of Science and Technology explained the case of a joint investigation by Interpol and three countries (Korea, the United States, and Ukraine) conducted by the National Police Agency to arrest the Klopp ransomware organization.

In October last year, six suspects belonging to an international criminal organization who paralyzed the system and extorted money and valuables by spreading Klopp ransomware to universities and companies through hacking investigations, forensic analysis, and virtual asset tracking.
Cyber attacks through ransomware have become more intelligent and advanced day by day, and the number of reports of ransomware damage in Korea reached 225 in August, continuing to increase the number of ransomware infections in Korea.

The Korea Internet & Security Agency suggested customized ransomware countermeasures suitable for PC users and server managers through analysis of infection routes and ransomware types for five recent types of infringement accidents.

Leave a Reply