At the Naval Ship Technology and Weapon Systems Seminar held at BEXCO in Busan on the 8th, the importance of cybersecurity for realizing maritime manned-unmanned complex systems was emphasized. Experts who presented at the seminar agreed that cybersecurity awareness in the maritime defense sector remains insufficient and called for heightened vigilance. In particular, concerns were raised that security threats have become increasingly complex and severe as AI is being integrated into combat systems, weapon systems, and autonomous vessels.
According to the presentations, cyberattacks against the military have evolved beyond simple data breaches to a level where they can hack into devices and cause physical damage. As militaries around the world increasingly build integrated systems, security threats are growing alongside them. Autonomous vessels and combat systems utilizing AI technology, in particular, face new security risks. For example, research findings were presented showing that cyberattacks could apply adversarial patches to AI systems or increase noise values to make the system misidentify enemies as friendly forces.
To counter these threats, classification societies and maritime defense organizations in various countries are establishing specific regulations to strengthen cybersecurity. Guidelines such as the U.S. National Institute of Standards and Technology (NIST) Risk Management Framework (RMF), the International Association of Classification Societies (IACS) UR E26 and E27, and standards from DNV GL (Norway-Germany) and Bureau Veritas (France) provide regulatory frameworks for cybersecurity. Experts pointed out that the Korean military also needs to develop its own cybersecurity regulations with reference to international standards. In particular, given that international classification societies, including U.S. classification bodies, are set to mandate cybersecurity regulations for all vessels starting in 2024, opinions were expressed that Korea must also establish corresponding regulations. To this end, calls were made to build the K-RMF (Korean Risk Management Framework) to not only strengthen national defense capabilities but also enhance the efficiency of combined operations and secure market competitiveness.
It was also emphasized that cybersecurity is not a matter that can be left solely to specific experts or security companies. In integrated systems, each component is organically connected, meaning that a vulnerability in one area can affect the entire system. Kim Jin, Vice President of DS Lab Company, stated, “Cybersecurity awareness varies greatly across different sectors,” explaining, “Many people think it is enough to simply protect their own computers, but the IT systems installed on naval vessels are organically connected platforms.” The view was also expressed that cybersecurity should focus on prevention rather than post-incident response, and that security strategies incorporating resilience are essential. Park Dong-hun, Senior Engineer at Hanwha Ocean, explained, “According to Article 12 of the Defense Information Protection Directive, lifecycle protection measures for information systems must be established,” emphasizing, “It is not enough to simply install antivirus software after an incident occurs—security must be considered throughout every stage, from vessel design to construction and operation.” This means that systematic security management across all sectors is required, as it is an essential element not only for national defense but also for commercial competitiveness.
Meanwhile, the government is actively pursuing the K-RMF initiative. The Defense Acquisition Program Administration (DAPA) plans to apply it to ROK-U.S. combined systems starting in 2023, with full-scale implementation expected by 2026. Related research is already underway at organizations such as the Defense Agency for Technology and Quality (DTaQ), with efforts being made to strengthen cybersecurity in the maritime defense industry.
Source: https://www.sisaon.co.kr