|
Article 2
|
Cyber security incidents are classified into four levels.<br/>A cyber security incident occurring at a government agency or a specific non-government agency (hereinafter referred to as an “agency”) under any of the following circumstances is a level 1 cyber security incident:<br/>1. Minor disclosure of non-core business information.<br/>2. Minor tampering with non-core business information or a non-core information and communication system.<br/>3. The operation of a non-core information and communication system is affected or interrupted, but can be restored within the tolerable interruption time, thereby affecting the agency’s routine operations.<br/>A cyber security incident occurring at an agency under any of the following circumstances is a level 2 cyber security incident:<br/>1. Serious disclosure of non-core business information, or a minor disclosure of core business infor mation not involving the maintenance or operation of critical infrastructure.<br/>2. Serious tampering with non-core business information or a non-core information and communication system, or minor tampering with core business information or a core information and commu nication system not involving the maintenance or operation of critical infrastructure.<br/>3. The operation of a non-core information and communication system is affected or interrupted and cannot be restored within the tolerable interruption time, or the operation of a core information and communication system not involving the maintenance or operation of critical infrastructure is affected or interrupted but can be restored within the tolerable interruption time.<br/>A cyber security incident occurring at an agency under any of the following circumstances is a level 3 cyber security incident:<br/>1. Serious disclosure of core business information not involving the maintenance or operation of criti cal infrastructure, or a minor disclosure of confidential information relating to general official affairs or of core business information involving the maintenance or operation of critical infrastructure.<br/>2. Serious tampering with core business information or a core information and communication system not involving the maintenance or operation of critical infrastructure, or minor tampering with confidential information relating to general official affairs, core business information, or a core information and communication system involving the maintenance or operation of critical infrastructure.<br/>3. The operation of a core information and communication system not involving the maintenance or operation of critical infrastructure is affected or interrupted and cannot be restored within the tolerable interruption time, or the operation of a core information and communication system involving the maintenance or operation of critical infrastructure is affected or interrupted but can be restored within the tolerable interruption time.<br/>A cyber security incident occurring at an agency under any of the following circumstances is a level 4 cyber security incident:<br/>1. Serious disclosure of confidential information relating to general official affairs, or of core business information involving the maintenance or operation of critical infrastructure, or a disclosure of classified national security information.<br/>2. Serious tampering with confidential information relating to general official affairs, core business information, or a core information and communication system involving the maintenance or operation of critical infrastructure, or tampering with classified national security information.<br/>3. The operation of a core information and communication system involving the maintenance or oper ation of critical infrastructure is affected or interrupted and cannot be restored within the tolerable interruption time.
|