SK Telecom has created a permanent security inspection team composed solely of white-hat hackers. The move is seen as a measure to boost the effectiveness of its security systems and speed of incident response.
According to reporting compiled by ChosunBiz on the 2nd, SK Telecom launched a dedicated, permanent white-hat hacker security inspection team in Aug. last year. It began with three members at launch, but after additional hiring, it had increased to eight as of last month.
Inside SK Telecom, this dedicated team is called the "red team." Its core mission is to assume real attack scenarios across networks, services and operating environments, repeatedly attempt intrusions, and, when vulnerabilities are found, present the root causes and measures to prevent recurrence.
The in-house security response organization that counters it is called the "blue team." The blue team checks detection, blocking and recovery systems, and immediately fixes weaknesses found by the red team. The idea is to design the attack and defense organizations to continuously interlock within one company, thereby raising both the effectiveness of security controls and response speed. Unlike periodic inspections or mock hacking centered on external consulting, it is considered an advantage that verification can be applied immediately whenever systems change or new services launch.
A telecommunications industry source said, "Inside SK Telecom, the process has been standardized in which the red team first designs the attack path, the blue team reinforces detection rules and blocking policies, and then the red team rechecks to confirm whether the patch actually works."
Another telecommunications industry source said, "Because a telecom company handles large-scale user authentication and network data, building a permanent penetration inspection and improvement system can translate directly into security competitiveness," adding, "Other telecom companies are likely to consider introducing similar organizations."