The Ministry of Science and ICT announced today (13th) that it has requested an investigation, determining that KT obstructed the government’s investigation by submitting false data and concealing evidence in the unauthorized small payment hacking incident.
The announcement was made during a briefing at the National Assembly inspection held at the Sejong Government Complex. The Ministry explained that although KT claimed it discarded its server as of August 1, the disposal process continued until the 13th of the same month, demonstrating false reporting. Despite having backup logs of the discarded server, KT did not disclose this to the joint investigation team until the 18th of last month.
The Ministry criticized KT for its inadequate initial response to the unauthorized small payment incident, pointing out mismanagement, such as unauthorized micro base stations (femtocells) accessing the official network. Together with the police and the Personal Information Protection Commission, the Ministry is investigating KT’s initial response, the source of equipment used in the crime, and the path of small payment authentication information theft.
Separately, the Ministry revealed efforts to strengthen its authority in responding to cybersecurity incidents. A bill was proposed last month to enable government investigations even without corporate reports when there are signs of breaches, and to set up a committee to enter business premises and conduct investigations.
In addition, measures to strengthen the system security revealed inefficient by the telecom hacking incident are being implemented by intensifying field inspections in the ISMS (Information Security Management System) audits. The Ministry plans to introduce strong sanctions for violations of security obligations, especially targeting large telecom companies, which have significant impact during incidents, by imposing security management obligations and checking compliance with statutory systems.
Additionally, it is considering increasing the penalty for not reporting breaches, failing to submit data, or to carry out correction orders from the current 30 million KRW to 50 million KRW and introducing an enforcement penalty. It also plans to implement a facial recognition system in December to prevent the mass issuance of burner phones used for voice phishing without identity verification.
[Photo Credit: Yonhap News]
■ Report Information
▷ Phone: 02-781-1234, 4444
▷ Email: kbs1234@kbs.co.kr
▷ KakaoTalk: Search ‘KBS Report’, add channel
▷ Subscribe to KBS News on Naver and YouTube!