SK Americas New York Office Server Attacked
"No Significant Information Was Compromised"
While SK Telecom, the largest mobile carrier in South Korea, recently experienced a USIM (Universal Subscriber Identity Module) data leak incident, it has also been confirmed that SK Group's U.S. subsidiary was subjected to a cyberattack and extortion attempt by a ransomware hacker group.
According to business industry sources on May 1, SK Americas, the U.S. subsidiary of SK Group, was targeted by a ransomware attack from a hacker group known as 'Qilin' at the end of March. SK Americas is an organization established last year to serve as SK Group's control tower for external cooperation in North America. The compromised server is reportedly located at SK Americas' New York office.
Qilin, the group claiming responsibility for the attack on SK Americas, posted on the dark web on April 10 (Korean time), stating that they had exfiltrated approximately 1 terabyte (TB) of files from SK Group's server and demanded payment in exchange. However, they did not release any data samples along with the ransom note. The group threatened to distribute the stolen information if payment, such as Bitcoin, was not made within 48 hours. Despite this, no disclosure of stolen data, further attacks, or follow-up activities were detected even after two days had passed.
A representative of the SK SUPEX Council, SK Group's highest decision-making body, stated, "This matter is currently under investigation by local authorities," and added, "The attack targeted data from an individual office that does not handle customer information, and we did not comply with the monetary demands."
Meanwhile, Microsoft reported in an early March threat report that it had observed the North Korean hacking group 'Moonstone Sleet' using Qilin ransomware in cyberattacks. This appears to be the same type of ransomware used in the attack on SK Americas.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
