Data Held Hostage, Weak Internal Controls... Major Drivers of This Year's Data Breaches
Cyber Attacks Becoming More Organized... Hacking Tactics Grow Sophisticated
Threats Extend Beyond Simple Ransom Demands to Nationwide Impact
Need to Increase Security Personnel and Investment... Heightened Vigilance Essential
The 'industrialization of cybercrime' and 'insufficient internal controls' have emerged as the most significant factors behind this year's series of data breaches caused by hacking incidents. Notably, in addition to Coupang, which exposed the personal information of 33.7 million people, major mobile carriers such as KT and SK Telecom also suffered large-scale breaches, drawing widespread attention. Analysts point out that as artificial intelligence (AI) advances, the speed of cyber intrusions is accelerating rapidly, and the techniques used by attackers are becoming increasingly automated and sophisticated.
Ransomware Attacks Increase 3.5-Fold
Recently, hacking groups have become more organized and specialized. The 'industrialization of cybercrime' is underway, with ransomware emerging as a representative attack method.
Hot Picks Today
!["Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①](https://cwcontent.asiae.co.kr/asiaresize/93/2026051914165468840_1779167814.png)
"Rather Than Endure a 1.5 Million KRW Stipend, I'd Rather Earn 500 Million in the U.S." Top Talent from SNU and KAIST Are Leaving [Scientists Are Disappearing] ①
- "No Cure Available, Spread Accelerates... Already 105 Dead, American Infected"
- Suspicious Starbucks Numbers?... 'Tank Day' Controversy Spreads from May 18 to Sewol Ferry and Park Geun-hye
- "Reporters Who First Revealed Jo Jinwoong's Juvenile Offense History Cleared of Juvenile Act Violation"
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
According to AhnLab on December 9, Korean companies suffered 56 ransomware attacks from organized groups last year, a 3.5-fold increase from 16 cases the previous year. The disruption of key services at online bookstore Yes24 and financial company SGI Seoul Guarantee Insurance, which left customers unable to access major services for a period of time, was also caused by ransomware attacks. Ransomware has evolved beyond simply encrypting server files and demanding payment for recovery; it now constitutes a form of cyber intrusion that can paralyze an entire business operation.
Mobile Carriers Invest Less Than 1% in Information Security
Amid fierce competition focused on growth, Korean companies have neither invested sufficiently in security nor raised awareness of its importance. For the three major mobile carriers, annual investment in information security is less than 1% of total revenue. Coupang, which was responsible for the massive breach affecting 33.7 million people, invested 86.07 billion won in information security last year, accounting for only 0.22% of its total revenue. Kim Donghyun, Professor of AI Convergence Security at Halla University, stated, "In Korea, it is common for organizations with more than 4,000 employees to have only two or three dedicated information security staff, making it difficult to comply with regulations, conduct audits, and monitor personal data protection." He added, "It is essential to allocate sufficient budgets and personnel for information security, and to establish systems for regular management and reporting."
Delayed Detection of Hacking
From SK Telecom to Coupang, organizations that suffered personal data breaches this year became embroiled in controversy for reporting the incidents to authorities belatedly. KT, for example, failed to fulfill its obligation to report within 24 hours of detecting a server breach, only notifying authorities three days later. Some organizations did not even realize a hacking or data breach had occurred for a significant period. Lotte Card, for instance, only became aware of a hack and the resulting internal file leak 17 days after the incident and subsequently reported it to the Financial Supervisory Service. In Coupang's case, abnormal access via overseas servers began in June, but the company only confirmed the breach through a customer complaint on November 18, nearly five months later. Not only was the damage left unaddressed for an extended period, but the number of affected customers also expanded to 33.7 million during the investigation, drawing public criticism.
Collapse of the 'Always Verify' Principle
Companies that experienced hacking incidents were found to have vulnerabilities in their basic security frameworks and internal controls, leading to disappointment. SK Telecom stored USIM authentication keys in plain text rather than encrypting them, while Coupang failed to deactivate accounts and authentication keys of former employees, exposing a lax security culture that enabled the data breach. LG Uplus recently exposed call summaries of AI call assistant 'IXIO' users to other customers due to operator negligence. Experts note that if the 'zero trust' principle-an approach based on always verifying security-had been applied, such damage could have been prevented. Looking ahead, cyberattacks are expected to become even more sophisticated by integrating with AI technologies. Baek Sangmin, Head of the Security Response Center at ESTsecurity, emphasized, "Cyberattacks have reached a level where they threaten not only individual organizations but also the trust and stability of society as a whole. It is time to recognize security not as a cost but as a core investment in national infrastructure and to embark on a comprehensive overhaul of defense systems."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
