SEOUL, Aug. 5 (Yonhap) — South Korea’s ICT ministry said Thursday it will expand support to small businesses to help them ward off ransomware threats after it raised the country’s cyberthreat warning level a day earlier.
Cyberattacks using ransomware, a type of malware that holds a target’s data hostage by locking up systems until a ransom is paid, have been on the rise in South Korea, with 78 such attacks reported to the country’s internet security agency in the first half of the year, compared with 39 in 2019 and 127 cases in total last year.
The Ministry of Science and ICT said it would strengthen support to small businesses that have weaker cybersecurity systems by offering them data back-up, encryption and restoration systems to protect their internal data in order to help restore their systems in ransomware attacks.
It will also provide anti-ransomware software for free to medical clinics ahead of the country’s plan to vaccinate around 18 million people aged 18 to 49 later this month to ensure a smooth vaccination rollout.
The ministry added that it is reviewing adding oil refining companies and self-driving vehicle control systems to its list of core facilities that require cybersecurity protection, considering the ransomware attack earlier this year on the U.S.-based Colonial Pipeline, which forced the company to temporarily halt its fuel supplying operations.
The move comes as South Korea braces for even more cyberattacks.
The country’s spy agency elevated its cyber threat warning level for public institutions to the second-lowest level in a five-tier system Tuesday, saying it has identified ransomware attacks targeting major local hospitals.
The ICT ministry has also raised its cyber threat warning status to the same level Wednesday, with expectations that phishing attacks will increase with the scheduled provision of pandemic relief funds.
Experts say ransomware attacks can usually be blocked if companies strengthen their security.
Hackers invest a lot of time, at times even over a year, to conduct such attacks as they have to go through internal systems to find a point to widely distribute the ransomware, according to Lee Jae-kwang, head of the profound analysis team at the Korea Internet & Security Agency.
“Hacking into a company’s internal system and spreading ransomware takes a lot of work,” Lee said in a recent online briefing. “As they take a long time to prepare, security personnel have many opportunities to defend their systems.”