In April, following the hacking revelation of SK Telecom, it has emerged that KT and LG Uplus were also hacked for several months until the first half of this year. The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) have begun on-site inspections.
On the 1st, the Ministry of Science and ICT noted, "We are conducting on-site inspections to confirm any incidents involving KT and LG Uplus. We are also receiving relevant materials for detailed forensic analysis."
Earlier, in a 40th anniversary special issue of the global hacking magazine, a report titled 'APT Down: The North Korea Files' was published. Two anonymous white-hat hackers reported to the magazine that they had obtained data amounting to 8GB from South Korean institutions and corporations that was leaked by an attacker named 'KIM'. The leak list reportedly includes materials from KT and LG Uplus.
In the case of LG Uplus, it has been revealed that ▲the source code and databases of the internal server management account permission management system (APPM) ▲information from 8,938 servers ▲42,526 accounts and IDs/real names of 167 employees/partners have been leaked. Records of access to this information have been confirmed until April of this year.
KT has been found to have possible leaks of certificates (SSL keys). The certificates were valid when leaked, but have since expired.
Some government departments have also been revealed to be hacked. Leaked information includes the electronic signature (GPKI) certificates of the Ministry of the Interior and Safety, source code from the Ministry of Foreign Affairs' internal mail server, and source codes and internal network authentication records from the Ministry of Unification and the Ministry of Oceans and Fisheries.
The Ministry of Science and ICT and KISA have reportedly been aware of the related facts since July and began internal investigations. However, the two telecommunications companies are said to have refused detailed investigations by the authorities. According to current information and communication network law, a field investigation by the authorities is not possible unless corporations voluntarily report breaches.
Vice Minister Ryu Je-myung attended the full meeting of the Science, ICT, Broadcasting, and Communications Committee at the National Assembly on the 20th and stated that he would verify facts by receiving documents from the telecommunications companies regarding the recent report by the magazine that 'Kim Suki attacked the South Korean government and telecommunications companies.'
At that time, Chairperson Choi Min-hee of the Science, ICT, Broadcasting, and Communications Committee asked, "Can we trust the reports submitted by KT and LG Uplus verifying the (hacking allegations) on their own?" to which Vice Minister Ryu replied, "I intend to review the submitted materials." According to Vice Minister Ryu, both telecom companies reported that there are no cyber intrusion facts.
The Ministry of Science and ICT said, "If incidents involving the two telecommunications companies are confirmed, we will transparently disclose them."
KT and LG Uplus stated, "So far, there is no fact that data has been compromised," and added, "We will actively cooperate with the government investigation."