As generative artificial intelligence (AI) enhances the speed and sophistication of cyberattacks, the paradigm of information security is shifting to a competition of 'AI versus AI.' This year's Information Security Day highlighted the emergence of AI-driven attacks as a new threat to national infrastructure and industries, emphasizing the need for AI-based defense systems.
On July 8, the Ministry of Science and ICT held the 15th Information Security Day ceremony at the Shilla Hotel in Seoul. The government has designated July as 'Information Security Month' and is conducting various events to raise awareness and enhance industrial competitiveness. This year's ceremony focused on 'Cybersecurity in the AI Era,' where domestic and international experts shared insights on how AI is transforming the security landscape and response strategies.
In a message delivered on behalf of President Yoon Suk Yeol, it was stated, "The government has developed comprehensive cybersecurity measures in two phases. We will actively foster AI-based security technologies and industrial ecosystems while expanding international cooperation to create an environment where everyone can safely use digital technologies."
The keynote speakers included Nick Anderson, Director of the Cybersecurity and Infrastructure Security Agency (CISA) under the U.S. Department of Homeland Security; Adam Beaumont, Acting Director of the UK AI Safety Institute; and Shane Huntley, Chief Technology Officer at Google. They discussed AI-driven cyberattacks and response strategies.
The speakers noted that the proliferation of generative AI has significantly increased the speed and sophistication of cyberattacks. They emphasized that as AI automates processes such as phishing, malware creation, and vulnerability analysis, the security environment is rapidly changing, necessitating a shift to AI-based proactive defense systems.
Adam Beaumont explained, "For a human, seven years is the time it takes for a child to graduate from elementary school, but for AI, it is the time to grow from infancy to a doctoral level." He highlighted the rapid advancement of AI, noting that while GPT-3 in 2020 could write poetry and perform simple calculations, recent AI systems possess coding abilities comparable to top programmers, indicating a swift enhancement in AI's cyberattack capabilities.
He also introduced the AI Cyber Assessment framework operated by the UK AI Safety Institute, which evaluates AI's actual attack capabilities. This assessment is designed to simulate 32 attack procedures in a network similar to corporate environments, from initial infiltration to reconnaissance, privilege escalation, and ultimately taking control of the network. The results indicated that some of the latest AI models demonstrated capabilities that extend beyond simple vulnerability detection to potentially seizing control of entire infrastructures.
The afternoon seminar continued to focus on the expanding cyber threats posed by AI. Domestic security experts, including Park Chan-am, CEO of Steelion, and Ji Jeong-ho, Chief Information Security Officer (CISO) of Viva Republica (Toss), assessed that AI is lowering the barriers to hacking and significantly increasing the speed of attacks, leaving both public institutions and businesses facing a new security environment.
Experts unanimously agreed that relying solely on passive security systems, which depend on human analysis and response, is no longer sufficient. As AI automates attacks, it is essential to establish AI-based security operations centers (SOC), AI agent security, anomaly detection, and automated threat analysis. Concerns were raised that if attacks targeting critical systems such as national infrastructure, finance, and public services materialize, the scale of potential damage could be substantial.
In response, the government views AI and cybersecurity as key pillars of national digital competitiveness and plans to expand the development of AI-based security technologies and industrial ecosystems.
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.
