Department Stores and Outlets Resume Normal Operations
23 of 48 Locations Experienced Disruptions
Ransomware Attack Hits Card POS Systems
Payment Unavailable at Fashion Stores
Ransomware Attacks Increasing Since 2017
[Asia Economy Reporter Cha Min-young] E-Land Group's department stores and outlet stores, which were urgently closed due to an attack by an unknown malicious ransomware group on the 22nd, will resume operations on the 23rd.
An official from E-Land Retail stated, "We have completed the first phase of recovery by mobilizing internal and external experts," adding, "POS (point of sale) devices used for card payments in fashion stores were attacked, making it impossible to recognize product codes and approve cards, but now these functions have been restored, allowing stores to operate normally." The opening time for department store and outlet fashion stores is 10:30 a.m.
E-Land Group confirmed that the ransomware attack occurred around 3 a.m. the previous day. Among a total of 48 stores, including NC Department Store and NewCore Outlet, card payments became impossible in some fashion stores at 23 stores, which is half of the total. To prevent further damage within the internal network system, an emergency closure was implemented, and internal and external experts were mobilized to assess the situation. The incident was also reported to the police. Some areas such as restaurants using different card payment systems and the mart 'Kim's Club' were not exposed to the attack.
The identity of the ransomware attackers remains unknown, and there were no monetary demands. Ransomware, a type of malicious code, attacks machines to paralyze the user's system and then extorts money from victims on the condition of restoring the system.
Damage caused by ransomware to domestic and international industries is increasing. In the domestic distribution sector, POS devices are known to be the primary targets of ransomware attacks. In fact, in early May 2017, a distribution company’s POS devices were attacked by ransomware, and a ransom of 10 million KRW was demanded to decrypt the system.
Security industry warnings to be cautious of ransomware continue. According to the Korea Internet & Security Agency's Cyber Threat Trends Report, as of the first quarter of this year, ransomware has expanded beyond information and communication (IT) systems to industrial production and critical infrastructure organizations. In particular, incidents affecting industrial production and core infrastructure have noticeably increased since 2017.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![User Who Sold Erroneously Deposited Bitcoins to Repay Debt and Fund Entertainment... What Did the Supreme Court Decide in 2021? [Legal Issue Check]](https://cwcontent.asiae.co.kr/asiaresize/183/2026020910431234020_1770601391.png)
