[Digital Today reporter Jin-ho Lee (이진호)] The government will launch a joint public-private response system to counter cyber threats using artificial intelligence (AI). It will strengthen vulnerability management, patch sharing and corporate security checks to prepare for high-performance AI being misused to find vulnerabilities and carry out attacks.

The Ministry of Science and ICT on May 29 announced a draft private-sector information security promotion plan to respond to AI-based cyber threats at the ninth meeting of ministers in charge of science and technology.

The government moved to respond out of concern that AI-based vulnerability discovery could exceed existing levels of security response. Global big tech firms such as Anthropic and OpenAI have recently launched projects providing AI models with cybersecurity capabilities to a limited number of companies. High-performance AI, including Anthropic's Mythos, has already entered a stage of finding software vulnerabilities at the level of security experts. Experts point out that the discovered vulnerabilities could be exploited in attacks, placing individuals, companies and institutions within the reach of AI threats.

In the first report of Anthropic's Glasswing project, more than 16,000 vulnerabilities were found in participating companies' software and open source. The government analyzed 88 disclosed vulnerabilities and on May 24 issued a security notice and shared information with the public, private and military sectors on 2 cases affecting South Korea. It also asked 28,000 companies' chief information security officers (CISOs) to strengthen preparedness.

The government will build an emergency framework to quickly share and disseminate AI vulnerability disclosures, patches and threat situations, centered on the National Security Office at Cheong Wa Dae, and to respond jointly if signs of a cyber incident emerge. The science ministry will run an overall situation team within the ministry, while the private sector will operate situation teams by the relevant ministries.

A vulnerability management center will be set up at the Korea Internet & Security Agency (KISA). It will collect and analyze domestically and internationally disclosed and reported vulnerabilities and patch information centered on the KISA vulnerability information portal (KNVD). It will disseminate related information to companies and relevant ministries through security notices, CISO channels and private-sector cooperation channels.

Company-level responses will also be strengthened. Key companies with large potential spillover damage will 추진 asset management, vulnerability checks and patch responses led by the relevant ministries. The targets are about 1,200 companies, including critical information and communications infrastructure, companies required to have ISMS, large firms in finance, healthcare and energy, top-tier general hospitals, and major private universities. The government will check implementation status by sector.

Support will also be provided to help small and medium-sized companies establish basic security capabilities. The government will distribute a web tool that allows companies to diagnose their IT assets and security levels on their own, and will push technical support for generating and analyzing software bills of materials to identify open-source vulnerabilities. It also plans to provide support for checking product vulnerabilities at small and medium-sized companies using high-performance AI models.

AI-based threat detection will also be expanded. It will continuously monitor about 350 million domains worldwide, and detect and respond to AI-based malicious activity and signs of attack preparation from the domain creation stage. If suspected signs of incidents related to AI services occur, it will immediately activate the Incident Investigation and Deliberation Committee.

International cooperation will also be strengthened. The science ministry will continue cooperation with global big tech firms to participate in AI security projects and secure information, starting with securing OpenAI's trust-based access program for governments and institutions (GTAC). It will also 추진 information sharing with cybersecurity agencies in allied countries on responses to AI-based threats.

Bae Kyung-hoon (배경훈), deputy prime minister and minister of science and ICT, said, "AI is advancing rapidly in the cybersecurity field to the point of being comparable to the highest-level hackers." He added, "Through these measures, we will establish an emergency framework to respond to large-scale vulnerability disclosures originating from AI and will 추진, with speed, the establishment of AI security sovereignty based on our technology and models."

The ministers' meeting also discussed the status of AI transformation 추진 across government ministries, a strategy to secure core competitiveness in physical AI, and the Manufacturing AI 2030 strategy. Measures to reduce research administration burdens, including ways to promote joint use of university research facilities and equipment and simplify administrative forms for national research and development, were also addressed as agenda items.