The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) announced on the 18th that they had conducted cyber crisis response simulation training, uncovered 140 vulnerabilities across the websites of 42 corporations that could be exposed to hacking, and are undertaking corrective measures. Additionally, through vulnerability detection, they found 44 urgent improvement items that need to be addressed at 10 corporations.
On the same day, the Ministry of Science and ICT held a review meeting at the POSCO Tower event hall in Yeoksam-dong, Gangnam-gu, Seoul, sharing the results of the '2025 Cyber Crisis Response Simulation Training' conducted for two weeks starting in mid-May. The simulation involved 688 corporations with 255,765 participants.
During this simulated penetration training, the Ministry of Science and ICT confirmed vulnerabilities to about 20 types of attack techniques used in major hacking cases. A total of 140 vulnerabilities were discovered across 42 corporations' websites. The Ministry of Science and ICT plans to receive action plans for these vulnerabilities and will support their prompt remediation through future implementation checks and technical assistance. The identified vulnerabilities include: ▲ parameter tampering and manipulation ▲ insertion of malicious code (XSS attacks) ▲ improper error handling.
A total of 205 corporations participated in the vulnerability detection training, where 44 vulnerabilities requiring urgent action were found at 10 corporations. Additionally, 355 action items were identified at 98 corporations that, while not critically dangerous, required action because of the use of vulnerable versions of web services. The Ministry of Science and ICT plans to provide guidance on the corrective measures and will check the progress of their implementation.
Beginning with this round of simulation training, the vulnerability detection training was improved to allow for the preemptive discovery and mitigation of vulnerabilities that serve as initial intrusion pathways.
Attacks using phishing emails powered by generative AI are also on the rise. A representative from the Ministry of Science and ICT noted, 'The infection rate for companies re-participating in phishing email training scenarios was 16.2%, compared to 18.5% for new participant corporations. This confirmed that repetitive participation in simulation training enhances employees' security awareness and improves their response ability to phishing emails.'
The results of the distributed denial-of-service (DDoS) attack training showed an average detection time of 3 minutes and a response time of 19 minutes. Larger corporations detected attacks more quickly than smaller ones, and those that participated repeatedly were quicker than new participants. The Ministry of Science and ICT advised small and micro corporations that struggle to respond to DDoS attacks to use the 'Cyber Shelter.' The Cyber Shelter is a service that reroutes DDoS traffic, blocking attack traffic while allowing normal traffic to pass through.
Choi Woo-hyuk, Director of Information Security Network Policy at the Ministry of Science and ICT, stated, 'Incidents can occur regardless of the size of the corporations, so it is important to continuously check the information security system and raise security awareness through simulation training.' He added, 'We will actively support corporations to strengthen their incident response capabilities by enhancing the quality of simulation training and encouraging repeated training participation to prepare for increasingly sophisticated and advanced incidents.'