
[Exclusive] Possibility of Call Records of ‘Key Government Officials’ Being Leaked Due to SKT Hacking Incident

[Anchor]

It has been confirmed that the hacking incident involving SK Telecom may have led to the leakage of detailed call logs of senior government officials. There are concerns that classified information, directly linked to our national security, may have been exposed.

We start with an exclusive report by reporter Ji-hyun Ahn.

[Reporter]

The somewhat unfamiliar term “CDR” stands for “Call Detail Record.” It shows whom a specific person called, from where, and for how long.

[Kim Seung-joo/Professor of Information Security at Korea University Graduate School of Information Security: If you know the phone number of a major figure, you can identify who they frequently contacted and deduce their movements as the cell tower locations are identified.]

For instance, if our Minister of National Defense repeatedly called the same person from a specific area, one could infer what security facilities are there.

This is not hypothetical but a reality.

According to a report by a US security firm that analyzed cases of telecommunications hacking, China is suspected to be behind the attacks, with the aim of stealing CDRs, or “Call Detail Records.”

The report explained that the apparent intent is to build a complete picture of key government officials’ behavior patterns by identifying whom they call, how often, and where they move.

The leaked SIM information confirmed from the SK hack amounts to around 26.95 million records. There were no commercial demands or transactions.

This is why experts and a joint civilian-government investigation team have tentatively concluded that this is a hacking operation on the level of national intelligence warfare.

[Kim Seung-joo/Professor of Information Security at Korea University Graduate School of Information Security: What I keep focusing on is the call records. Since these records cannot be retrieved once they’ve been leaked, it’s crucial to verify whether they have been leaked…]

SK Telecom has maintained that the likelihood of a CDR leak is low. However, investigation results revealed that malware was found on servers storing CDRs.

It was also confirmed that the CDRs were not properly encrypted.

There is increasing concern that national secrets might have fallen into someone else’s hands.

[Anchor]

As you have seen, the possibility of Chinese hacker groups being behind the SK hacking incident has been raised, along with fears of classified information leakage. Additionally, it has been identified that the hacking of SK Telecom may have begun even earlier than 2022, the year initially known.

Continuing with reporter Ji-hyun Ahn.

[Reporter]

[Choi Woo-hyuk/Policy Director of the Ministry of Science and ICT Information Security Network (last May 19): The initial point at which malware was installed on the server, marking the start of hacking, was June 15, 2022…]

However, according to further investigations by the joint civilian-government investigation team, the malware installation on SK Telecom’s servers is believed to have occurred even earlier.

One member of the investigation team stated, “There was hacking in 2021 and there are traces of malware attacks from even before that.”

As a result, another representative acknowledged uncertainty about the extent of the malware attack records within SK that should be examined.

The pre-2022 hacking incidents are presumed to involve a different group than the current hacking organization, considering the types of malware used.

However, the entity behind it could be the same or different.

[Kim Yong-dae/Professor, Department of Electrical and Electronics Engineering, KAIST: State-sponsored hacking operations have been ongoing for almost 15 to 20 years, and it is true that states have long been involved in such behind-the-scenes cyber activities.]

A report from a US security firm explained that their objective was to acquire foundational information on specific individuals through long-term precise tracking.

According to the National Intelligence Service, domestic hacking damage by state-sponsored entities increased by 60% last year compared to 2023.

Once the results from the joint civilian-government investigation are released, our police will also proceed with tracking the hacking forces.

However, since most are organized criminal groups based in China, tracking them is not easy.

The information war between countries is already a reality.

[VJ Lee Ji-hwan, Heo Jae-hoon / Video Editing: Kim Young-seok / Video Design: Cho Young-ik]
