SKT Hacking Incident... Subscriber USIM Information Leaked
"From the Customer's Perspective, It Is Difficult to Notice Phone Cloning"
"If You Receive More Spam Emails, Messages, or Higher Phone Bills, You Should Take a Closer Look"
SK Telecom, the largest mobile carrier in South Korea, suffered a malware attack by hackers that resulted in the leakage of some subscribers' USIM information. An expert stated, "From the customer's perspective, it is difficult to notice if their phone has been cloned."
On April 23, Kim Seungjoo, a professor at the Graduate School of Information Security at Korea University, appeared on MBC Radio's "Kim Jongbae's Focus" and said, "If you suddenly receive a lot of spam emails or messages, or if your phone bill is excessively high, it is advisable to report the incident through the appropriate channels."
Professor Kim explained, "Looking at past cases of telecom company hacking, personal information was usually leaked by employees of partner companies, or information was stolen when the website or customer authentication systems were hacked." He pointed out, "However, in this case, it was the Home Subscriber Server (HSSS) inside the telecom company, which stores subscriber information, that was hacked."
He said, "Malware was found on the server containing USIM information, and an investigation is underway to determine the extent of the personal information that was leaked. Technically, if a subscriber's identification number or unique secret key stored on the USIM card is stolen, it is possible to create a cloned phone." He added, "If a cloned phone is created, it is possible to read other people's text messages and make calls at will. SK Telecom is aware of this, and USIM cloning detection technology is already in operation."
He continued, "There have been no reports of USIM cloning yet. According to a report from IBM, it usually takes about 277 days to analyze the cause of such incidents. Since it takes a considerable amount of time, it is best to refrain from making various speculations until then."
SK Telecom announced that around 11 p.m. on April 19, they confirmed that USIM and other information had been leaked due to a malware attack by hackers. USIM is a medium that stores information used to identify and authenticate individuals within the telecommunications network. If USIM information is stolen, it can be used by others to create illegal USIM chips, commit identity theft, and engage in other criminal activities.
However, SK Telecom stated, "We are conducting a full inspection of the entire system, strengthening measures to block illegal USIM device changes and abnormal authentication attempts, and immediately suspending service and notifying users if any suspicious signs are detected. Therefore, the likelihood of any problems occurring is extremely low."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
