Firms, government urged to step up efforts for better security oversight
Hackers have struck once again, this time at a local branch of a Japanese company to expose the personal information of up to 350,000 users amid rising concerns over hacking in the world’s most wired country.
Epson Korea, the local unit of Japan’s Seiko Epson Corp., on Saturday said its website was hacked and cautioned users to change their passwords. IDs and resident registration numbers also were exposed due to the hacking, the company said.
As with previous cases at other companies, Epson said it has failed to trace or identify the hackers.
Also on Saturday, Gabia, a local web domain management company, said its system was hacked, affecting online connections with its clients, although personal information was not leaked.
The incidents come after a string of hackings and related online crimes have hit Korea, triggering worries about the security of corporate websites.
Up until June this year, there were almost 6,000 hacking incidents reported to the state-run Korea Internet Security Agency.
KISA noted that companies need to step up efforts to build and maintain security systems tailored to their corporate operations and tighten control over security personnel as in many cases, critical information is leaked unwittingly through those authorized with security oversight.
“Continuous investment into security management is also key, with CEOs understanding the significance,” said Won Yoo-jae, head of KISA.
Hackers or hacking activity based overseas also must be watched closely, according to Kim Hong-sun, head of Ahn Lab, the nation’s leading online network security firm.
The government also needs to beef up penalties on culprits, as so far, companies that failed to shield their clients from hackers or other information leaks were allowed to continue business without being significantly punished.
It is only recently that the government and corporate sector has been struggling to increase network security and prevent personal information from becoming vulnerable to hacking.
Companies are now urging users to log in with more complicated passwords, and change them as frequently as they can.
The government, meanwhile, is encouraging the use of Internet Personal Identification Number to replace the common practice of using resident registration numbers which can be used to forge fake identities if they fall into the wrong hands.
The lack of proper oversight and systems up until now has bred a hoard of online hacking crimes, starting with a high-profile hacking of the National Agricultural Cooperative Federation in April.
The case caused a huge uproar as the company boasts the largest network of financial clients in the country.
The prosecution said North Korea appears to have masterminded the attack, but the authorities have been unsuccessful in tracking down the hackers.
Just last month, SK Communications said that its two websites ― Cyworld.com and Nate.com ― were hacked. The sites are used by up to 35 million Koreans, meaning that a large part of the 50-million population became vulnerable as their personal information has been exposed.
A local court earlier this week ordered SK Communications to pay one of the victims 1 million won ($925) in compensation.
In 2009, Auction suffered similar hackings, resulting in a leak of personal information of 10 million of its users.
Google was also hacked earlier this year, causing Gmail email accounts to be exposed.
The government has also suffered DDOS attacks that paralyzed state-run agencies’ websites.
By Kim Ji-hyun (email@example.com)