Ministry of National Defense’s Former Security Officer Protects GDAC Cryptocurrency Exchange
Behind brands favored by consumers, there is always an employee with a strong work ethic. Engineer Peter Jun Go, head of the security team at Peertec (formerly known as Actwo Techologies), is an epitome of such worker. Engineer Go has a unique career of working as a trader at J.P. Morgan in the United States and transitioning into a developer by teaching himself how to code. He built his career in security by developing the private server and environment for the malware analysis center at the Ministry of National Defense.
“I am scared of not knowing that there is something that I do not know,” said Engineer Go. In other words, he is worried that he might not be able to detect the weaknesses of infrastructure security that is supposed to secure customers’ assets. This is the reason why he is currently focused on trying to identify the weak points of the system — before hackers do — by self-attacking the GDAC system.
Q. What is your role at Peertec?
Peertec is a blockchain fintech company that operates a cryptocurrency exchange platform, asset management and custody services, and a B2B payment platform. I joined Peertec last year in April and am in charge of infrastructure security. Recently, I have witnessed incidents in which customers’ assets in some cryptocurrency exchanges have been stolen due to hacks. In the past, vaccine programs could detect malicious codes but today, as the hacking technology has been developed and is rapidly developing, these security methods have become emasculated. Thus, I am always working under anxiety as we are always susceptible of being hacked, regardless of how hard we try to protect ourselves.
Currently, the task that I am most focused on is attacking our (Peertec’s) own security system. We are trying to identify weaknesses before hackers do and further develop our system with specific tools to automatically detect abnormal behavior in trading.
Q. Tell me more about the hacking project at the Ministry of National Defense
In 2017, I managed the Ministry of National Defense source code management system and private cloud. The system has a unique environment of a closed network, in which the software has to be pre-downloaded and saved at the private server for the Defense Security Command to conduct a security check. It passed a security suitability investigation, which is a very complicated process that other ordinary projects do not go through.
Further, I established the system for the malware analysis center at the Ministry of National Defense. Just like how the growth of bacteria is observed under a microscope at a research lab, the analysis center analyzes the movements of malicious codes in a special, closed environment. I developed and managed the environment while security researchers analyzed these codes.
Q. It would not have been easy for you to move from working on a national project to working at a cryptocurrency startup…
I have always been absorbed in cryptocurrency and blockchain technology. When cryptocurrency prices hiked in 2017, I used the public application programming interface (API) of domestic cryptocurrency exchanges, such as Upbit, Bithumb and Coinone, to create a program that collects information from order books with the purpose to build a trading bot.
At the time when I got interested in this field, a former colleague of mine suggested me to move to Peertec. I decided to work at Peertec because Peertec was expecting to launch its GDAC cryptocurrency exchange platform and I wanted to play a part in building the platform.
Q. What differentiates Peertec from other fintech startups, specifically in the field of security?
Donald Rumsfeld, who served as Secretary of Defense under George W. Bush, once stated, “…There are known knowns; there are things we know we know. We also know there are known unknowns; that is to say, we know there are some things we do not know.”
One of the greatest distinctions is that our Peertec security professionals are vigilant of the known unknowns. Measures can be taken when faced with apparent threats, but the worst case is being unable to even recognize that there is something unknown. This is the pretext behind why we attack our own system to assess our security. Reports exposing vulnerabilities are also received by White Hat Hackers.
Another strength of ours is that we have many engineers who have prior experience at Samsung Securities, AhnLab, Kakao, Yahoo Headquarters, Shinhan Card, Kiwoom Securities, and SK who are responsible for securing GDAC.
Q. What plans/goals do you have as a security professional?
Our future goal is to detect our vulnerabilities before malicious hackers exploit them. In order to quickly discern the unknown, we plan to develop our technology by having security experts to explore and improve our existing security systems.
국방부 해커부대 보안 엔지니어, 코인거래소 ‘지닥’ 지키는 사연은?
국방부 해커부대 보안 엔지니어, 코인거래소 ‘지닥’ 지키는 사연은? 자세한 내용은 아래 기사를 통해 확인하실 수 있습니다!
