PIPC Confirms "No Antivirus Installed on SKT Leaked Server"
SK Telecom CEO Yoo Youngsang Testifies at National Assembly's Science, ICT, Broadcasting and Communications Committee on the 8th
SKT States, "Alternative Security Measures Were Used Instead of Antivirus, But They Were Breached"
Regarding the announcement by the Personal Information Protection Commission on the 8th that SK Telecom had not installed antivirus security software on its subscriber authentication server (HSS), SK Telecom CEO Yoo Youngsang stated, "We hesitated to install antivirus software due to the possibility of a network-wide outage." On this day, CEO Yoo appeared as a witness at the National Assembly's Science, Technology, Information and Broadcasting and Communications Committee hearing on the SK Telecom hacking incident and made this statement.
Ryu Junghwan, Vice President of SK Telecom's Infrastructure Strategy and Technology Center, said, "Instead of antivirus software, we implemented other security measures, but they were breached," and added, "We were unable to proceed because we were reviewing side effects related to last year's Microsoft Azure cloud outage."
The Personal Information Protection Commission confirmed that antivirus software for preventing malicious programs had not been installed on the key systems that served as the hacking and data leakage route at SKT. The commission believes this may constitute a violation of the technical and managerial protection measures required under the Personal Information Protection Act.
The commission is conducting a comprehensive investigation into whether SK Telecom has complied with safety obligations across all major personal information processing systems, including the voice call-related (HSS) server and the billing-related (WCDR) server, as well as the mobile phone activation system, authentication system, and billing system.
The commission stated, "We are also closely examining the effectiveness of the emergency recurrence prevention measures implemented by SKT after the incident," and added, "We are doing everything possible to prevent additional personal information leakage and damage."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
