Department Stores and Outlets Resume Normal Operations
23 of 48 Locations Experienced Disruptions Yesterday
Ransomware Attacks Increasing Since 2017
"Police Investigation Requested... Committed to Resolving the Situation"
[Asia Economy Reporter Minyoung Cha] On the 23rd, E-Land Group's department stores and outlet stores, which were forced to close urgently due to an attack by an unknown malicious ransomware group on the 22nd, will resume operations.
An E-Land Group official stated, "We have completed the first phase of recovery by mobilizing internal and external experts," adding, "POS (point of sale) devices used for card payments in fashion stores were attacked, making product code recognition and card approval impossible, but now these functions have been restored, allowing stores to operate normally." The opening time for department store and outlet fashion stores is 10:30 AM.
E-Land formed a task force team (TFT) led by the group’s representative Vice Chairman Choi Jong-yang to address the issue. Although the first phase of recovery is complete, it is expected to take several days to fully restore operations to the state before the ransomware incident.
E-Land Group confirmed that the ransomware attack, presumed to have originated overseas, occurred around 3 AM the previous day. Among a total of 48 stores, including NC Department Store and NewCore Outlet, card payments became impossible in some fashion stores at 23 stores, which is half of the total. Customer-related information was encrypted and managed on a separately segregated server, so no data leakage occurred. Some restaurants and the mart 'Kim's Club,' which use different card payment systems, were not affected by the attack. After confirming this, E-Land took emergency closure measures to prevent further damage within the company’s network system, mobilized internal and external experts to assess the situation, and requested an investigation from the police.
The identity of the ransomware attackers has not been revealed, and there were no monetary demands. Ransomware, a type of malicious code, attacks machines to paralyze the user’s system and then demands money from the victim in exchange for restoring the system.
Damage caused by ransomware to domestic and international industries is increasing. In the domestic distribution sector, POS devices are known to be the primary targets of ransomware attacks. In fact, in early May 2017, a distribution company’s POS devices were attacked by ransomware, and they were asked to pay 10 million KRW to decrypt the data.
Security industry warnings to be cautious of ransomware continue. According to the Korea Internet & Security Agency’s Cyber Threat Trends report, as of the first quarter of this year, ransomware has expanded beyond information and communication (IT) systems to industrial production and critical infrastructure sectors. In particular, since 2017, incidents affecting industrial production and core infrastructure have noticeably increased.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
