It was found that 3 out of 10 femtocells (ultra-small base stations that provide communications within a 10-meter radius) operated by the three mobile carriers are in a management blind spot. Due to lax oversight by the carriers, these devices are reportedly not even being checked for theft. Femtocells contain authentication keys that consolidation to carrier servers, raising concerns that they could be exposed to hacking if they fall into the hands of hackers.
According to the office of Choi Su-jin of the People Power Party on the 15th, of the 195,000 femtocells operated by SK Telecom, KT, and LG Uplus, 64,000—about 33%—are not operating and are not detected by signal. The carriers presume that signals are not detected in the headquarters management system because they are not functioning normally due to reasons such as theft, malfunction, or power being off.
The problem is that the carriers cannot even accurately determine whether theft has occurred. An industry official said, "It is not even known how many of the more than 60,000 carrier femtocells have been lost," and noted, "A full survey is needed because the possibility that they were misused for hacking cannot be ruled out." The official added, "There are currently no on-site inspections at all for femtocells that are not detected by signal."
By carrier, KT, where a recent unauthorized micropayment hacking incident occurred, had the most femtocells that were not detected by signal. Of KT's 157,000 femtocells, 57,000 were not detected. LG Uplus had 4,000 out of 28,000, and SK Telecom had 3,000 out of 10,000 that were not detected. Among the three carriers' femtocells that were not detected by signal, KT accounted for 89%. LG Uplus accounted for 6.3%, and SK Telecom for 4.7%.
Inside and outside the telecom industry, there is talk that femtocell equipment operated by KT may have been stolen and used for micropayment hacking. The reason is that femtocells contain authentication keys that consolidation to carrier servers, making hacking easier. However, KT claims that its femtocells were not stolen and hacked, but that two unregistered illegal ultra-small base stations from outside accessed its network and carried out the hacking. KT announced that it suspects the perpetrator used equipment that had previously connected normally to the KT network.
Some in the industry say it is premature to conclude solely on KT's claim, as the physical devices used in the crime have not been secured and the government's final investigation results have not been released. This is because the "equipment that had previously connected normally to the KT network" mentioned by KT could also be a stolen femtocell. According to the industry, KT recently blocked network access and system access for the 57,000 femtocells that are not detected by signal.
Choi Su-jin said, "Countermeasures are needed, including a comprehensive inspection of small base stations operated not only by KT but also by SK Telecom and LG Uplus."