Ahead of the appointment of KT's next chief executive, the "hacking" that rocked the telecom industry this year is emerging as a key issue. That is because two of the three finalists for CEO were directly or indirectly linked to past hacking incidents. Some say it is a "contradiction" to choose someone tied to a past hacking incident as the next CEO when KT President Kim Young-shub gave up seeking another term in the wake of the hacking incident.
According to the industry on the 15th, a sole final candidate for KT's next CEO will be decided on the 16th. The final interviewees are former KT President Park Yun-young, former SK Communications CEO Joo Hyeong-cheol, and former SK shieldus Vice Chairman Hong Won-pyo. Inside and outside KT, the top task for the next CEO is being cited as handling the "hacking incident" that occurred this year.
Some in the industry worry that if KT appoints as the new CEO someone linked to a past hacking incident despite a hacking incident that sparked public outrage, there could be blowback. Ahn Jung-sang, adjunct professor at Chung-Ang University's Graduate School of Communication, said, "It is a contradiction to appoint as the next CEO someone directly or indirectly connected to a past hacking incident when President Kim Young-shub gave up seeking another term, taking responsibility for the hacking incident," adding, "Even if KT's board finalizes such a person as a candidate, the appointment may fail to win final approval at the shareholders' meeting." He added, "If it falls through at the shareholders' meeting, KT would have to appoint a CEO again, which could inevitably prolong the management vacuum."
Among the three finalists for KT CEO, former CEO Joo Hyeong-cheol personally experienced a past hacking incident. Joo was the CEO at the time of the 2011 SK Communications hacking incident. The incident was a massive breach that leaked the personal data of as many as 35 million people, including IDs, names, phone numbers, email addresses, encrypted passwords, and resident registration numbers, causing a public uproar.
After the incident, Joo announced recurrence prevention measures and security enhancements, but the company's credibility was severely damaged. SK Communications ended up posting losses for four consecutive years and was delisted in 2016.
Former Vice Chairman Hong Won-pyo previously led SK shieldus, SK Telecom's outsourced security firm. Hong's term as SK shieldus CEO was initially set through July this year, but he abruptly decided to resign on Apr. 30, a week after the SK Telecom hacking incident occurred. At the time, SK shieldus explained that Hong's resignation was a personal decision entirely unrelated to any SK Telecom-related security issue. However, some in the industry believe there remains room for debate over the possibility of indirect responsibility by SK shieldus as SK Telecom's outsourced security provider. SK shieldus argued that SK Telecom's USIM system, where the hacking occurred, was not within its contracted scope and that it was not directly related to the SK Telecom hacking incident. The security scope contracted with SK Telecom, SK shieldus said, involves the external network, specifically matters related to external IT systems, not the internal network, and is unrelated to the SK Telecom hack. According to the Korea Internet & Security Agency (KISA) information security disclosure, as of 2023 SK Telecom's dedicated information security workforce consisted of 46 internal staff and 176 outsourced personnel. The industry says between 80 and 100 of the outsourced personnel are affiliated with SK shieldus.
Ryu Jong-gi, director at the Korea Corporate Security Council, said, "Damage to corporations' credibility from hacking incidents deals a major blow to management leadership, and KT is unlikely to avoid such controversy in appointing its next CEO," adding, "A clear vetting is essential of how past security incidents were handled and how the candidates have addressed them. The telecom industry has reached a point where it must move beyond hacking phobia and make security and restoring trust the top priority."