94% of Ransomware Damages Hit SMEs and Mid-Sized Companies
Limited Security Investment Hampers Effective Response
Technology Keeper Service Grows by 1,000 Companies in Five Years
The aftermath of the hacking incident at SK Telecom (SKT) is spreading security concerns among small and medium-sized enterprises (SMEs). SMEs with vulnerable security infrastructure are increasingly being exploited as primary entry points by hackers, creating a structural risk that could threaten even large corporations. Incidents of major parts suppliers suffering ransomware attacks and leaking confidential data are not uncommon, but voices are growing that the government's security support is ineffective, making it urgent to strengthen fundamental response systems.
According to industry sources on May 8, following the SKT hacking incident, a sense of crisis is spreading across the industrial sector, with particular concern focused on SMEs that lack security capabilities. A representative from a domestic IT security company stated, "Recently, as the importance of early detection and response to cyber threats is being highlighted among mid-sized and small companies, we have been receiving a large number of related inquiries."
According to the Korea Internet & Security Agency (KISA), the number of reported cyber incidents last year was 1,887, a 48% increase from the previous year. While the number of ransomware infection cases decreased by 24% to 195, 94% of all damages were concentrated among SMEs and mid-sized companies, which find it difficult to invest in security compared to large corporations. This suggests that hackers are increasingly targeting vulnerable SME websites as hacking waypoints, or escalating 'web shell' attacks?malicious code that seizes administrator privileges on these sites?leading to a wider spread of damage.
When domestic SMEs become major targets, related large corporations can also be exposed to risk. For example, in June last year, it was revealed that Seoyon E-Hwa, a supplier of parts to Hyundai and Kia, was infected with ransomware. The hacking group 'Space Bear' claimed to have stolen internal information such as the company’s SAP, database (DB), and financial data, demanding a ransom of $3 million (about 4.1 billion KRW). When negotiations stalled, they published documents such as estimates and contracts on their own dark web blog. Another hacking group, 'Underground', leaked confidential data such as personnel files and design drawings from Kyungchang Industrial, a supplier to BYD, the world’s leading electric vehicle company based in China.
The National Intelligence Service has pointed out that SMEs are caught in a 'security blind spot' because they lack the resources to invest in security or appoint a security officer. According to the Ministry of Science and ICT's "2024 Information Security Disclosure Status Analysis," the average investment in information security by companies that disclosed last year was 2.9 billion KRW. In contrast, Seoyon E-Hwa and Kyungchang Industrial invested only 433 million KRW and 298 million KRW, respectively. This highlights that SMEs, which face greater challenges in investing in security compared to large corporations, are suffering more severe damages.
This is why there are calls for the government to establish a more systematic support system to strengthen the security capabilities of SMEs. The Ministry of SMEs and Startups invested about 9.2 billion KRW in the 'Technology Keeper Service' project over the past five years, increasing the number of SMEs using the service from 2,828 in 2019 to 3,872 in 2023, an increase of about 1,000 companies. The Technology Keeper Service is a government-supported program that provides professional security services to prevent cyber hacking and illegal technology leaks. Although the number of participating companies has grown in recent years, experts point out that more systematic and proactive support is urgently needed, considering the overall market size, the increasingly sophisticated IT environment, and evolving hacking techniques.
Kim Donga, a member of the National Assembly’s Trade, Industry, Energy, SMEs, and Startups Committee from the Democratic Party of Korea, who raised these issues during last year’s parliamentary audit, advised, "Since the leakage of confidential information from SMEs due to cyber hacking and other security incidents directly leads to a decline in national competitiveness, it is essential to strengthen support measures for these companies." He added, "It is necessary to establish a more effective cyber threat response system and to enhance technology protection support so that more companies can prevent the leakage of core technologies."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
