‘Min-gwan Joint Investigation Team’ Expanded and Reorganized as ‘Special Investigation and Inspection Team’
LGU+ "Activates Crisis Management TF for DDoS Preparedness"
[Asia Economy Reporter Kang Nahum] The damage to LG Uplus users caused by cyberattacks is increasing. There have been four internet outages this year alone, and the scale of personal information leakage has grown to 290,000 cases. The government has issued a strong warning to LG Uplus, which is responsible for this incident, and decided to form a special investigation and inspection team to respond to the damage. LG Uplus has also activated a company-wide crisis management task force (TF) to swiftly restore services and inspect the defense system against cyberattacks.
Four Connection Failures in One Week... Personal Information Leakage Scale Reaches 290,000
The Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) announced on the 5th that they will expand and reorganize the 'Public-Private Joint Investigation Team' into a 'Special Investigation and Inspection Team' to respond to the recent successive cyberattacks targeting LG Uplus.
This measure by the authorities is due to the increasing damage to users caused by customer information leakage and internet connection failures. Recently, distributed denial-of-service (DDoS) attacks on LG Uplus's information and communication network have repeatedly caused connection failures for some customers using wired internet and other services. From the early morning of January 29, there were three outages lasting about 63 minutes in total, and on the afternoon of the 4th, two internet connection failures occurred in some areas for about 59 minutes starting around 5 p.m.
The number of personal information leakage cases is also increasing. LG Uplus announced that the scale of customer personal information leakage confirmed yesterday was about 290,000, which is 110,000 more than the initially announced 180,000. LG Uplus explained that the additional 110,000 cases were found in data of canceled customers stored separately based on the Electronic Commerce Protection Act and other regulations. The separate storage is a measure to protect user rights and at the request of government agencies. Regarding the leaked information, they stated, "It is the same as the previous case, but there may be individual differences in details," and added, "Financial information is not included."
The Ministry of Science and ICT strongly warned the management of LG Uplus, a telecommunications service provider, about the repeated internet connection failures and the inadequate basic intrusion response system.
Minister Lee Jong-ho of the Ministry of Science and ICT said, "We recognize this series of incidents as a serious situation that could paralyze the daily lives of the public," and added, "We will promote institutional improvements, including revising laws, such as reorganizing the intrusion incident response system of major information and communication service providers to prevent repeated intrusion incidents."
The Ministry of Science and ICT decided to operate the 'Special Investigation and Inspection Team' including many private security experts from the 6th to conduct a more in-depth inspection of LG Uplus's information security prevention and response system. The investigation team is composed of various domestic experts in network security, penetration testing, digital forensics, and intrusion incident analysis, as well as KISA.
The Special Investigation and Inspection Team will conduct a comprehensive cause analysis of the recent intrusion incidents and focus on inspecting and analyzing LG Uplus's overall cyber intrusion prevention and response system and related issues. Based on the results, they will promptly present measures and improvement plans.
LG Uplus Enters Company-Wide Crisis Management Mode
LG Uplus has also activated a company-wide crisis management TF to respond to the DDoS attacks and has begun inspecting its defense system. To minimize customer inconvenience caused by the recent DDoS attacks, LG Uplus formed a crisis response situation room led by the CEO, including key executives such as the head of the network division, CTO (Chief Technology Officer), and CRO (Chief Risk Officer).
In the company-wide crisis response situation room established at the headquarters in Yongsan, the CEO oversees major communication offices nationwide, including Magok and Anyang, commanding in real time through each field organization to check the response system for customer inconvenience issues and technical measures. They have also established an emergency response system to immediately respond to similar incidents such as DDoS attacks.
At the Sangam and Magok offices, about 200 network division monitoring, operation, and information security personnel are on emergency duty. They are preparing response plans such as attack blocking and traffic rerouting in case of additional DDoS attacks.
An LG Uplus official said, "We apologize for the inconvenience caused to customers due to the DDoS attack yesterday," and added, "We plan to carry out preventive and response measures against DDoS attacks thoroughly through the response system centered on the company-wide crisis management TF."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
