The industry is in turmoil after a hacking incident at SK Telecom, the country’s leading mobile carrier, in which hackers attempted to steal customers’ USIM information. Since two years ago, SKT has been racing forward with a blueprint to transform itself from a telecommunications company into an artificial intelligence (AI) enterprise. The company has boldly invested a total of $300 million (approximately 430 billion won) and deployed significant manpower in the AI sector. However, it is difficult to deny that a breach in what is considered the “most fundamental of fundamentals”?cybersecurity?has damaged the company’s credibility.
![[Reporter’s Notebook] SK Telecom: AI Ambitions Are Good, But Fundamentals Come First](https://cphoto.asiae.co.kr/listimglink/1/2025012407312311992_1737671483.jpg)
The biggest issue is that, even four days after the hacking incident on April 19, the company still has not properly identified the circumstances or the scale of the damage. Additionally, SKT did not report the incident to the Personal Information Protection Commission or notify customers via its website until the morning of April 22, leading to criticism of a delayed response. SKT subscribers are left anxious, not knowing whether their information has been leaked. The theft of USIM information is a serious problem, as it can lead to illegal duplication, identity theft, and interception of text messages, resulting in tangible financial losses.
Cybersecurity has long been a neglected area within IT companies. According to security industry experts, “Until a cyberattack actually occurs, companies tend to overlook its importance and underinvest in security,” and “It has been a recurring pattern of closing the stable door after the horse has bolted.”
However, with the advancement of generative AI technologies, it was anticipated that more sophisticated hacking methods would emerge. By integrating AI into malware and DDoS attacks, it is expected that broader, more automated, and more precise hacking will become possible. Ordinary people, not just professional hackers, may now easily hire hackers as if outsourcing, to launch attacks on companies. This is the double-edged sword that AI technology brings.
Some have raised the possibility that North Korea or China, both known for advanced hacking techniques, may be behind the attack, given that a major telecom company with a high level of security was targeted. The possibility that cutting-edge AI technologies were used in the attack cannot be ruled out.
SKT has declared its goal to become an “AI company” that enhances productivity and quality of life through AI, and to generate profits in the process. It appears, however, that the company overlooked the increasingly sophisticated hacking threats enabled by AI. Even within the telecommunications industry, there have been ongoing concerns that focusing too heavily on AI investment could cause the company to neglect its core ICT business, network quality, and server security, thereby creating vulnerabilities. According to data from the Korea Internet & Security Agency, SK Telecom invested 60 billion won in information security last year, ranking last among the three major telecom companies. This amount lagged behind LG Uplus (63.2 billion won) and KT (121.8 billion won).
SKT now has no choice but to focus on managing the aftermath of the incident. Afterward, the company must implement measures to prevent recurrence, such as strengthening security?a task that has been relatively neglected compared to AI investment. It is crucial to establish a safe and trustworthy foundation for its more than 20 million subscribers.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
