The Korea Internet & Security Agency (KISA) announced on June 11 that Yes24, an online bookstore experiencing a third consecutive day of website and application (app) access disruptions due to a ransomware attack, has not been cooperating with KISA's technical support.
In its second official statement released on the same day, Yes24 claimed, "We are making every effort to analyze the cause and restore services in cooperation with KISA." However, KISA stated that this announcement does not reflect the facts. According to KISA, its ransomware specialists visited the Yes24 headquarters twice, on June 10 and 11, to assess the situation, but Yes24 did not cooperate with KISA's technical support. KISA explained that aside from receiving a verbal briefing from Yes24 about the situation during their initial on-site response on June 10, there has been no further verification or joint investigation with Yes24 to date.
KISA stated that it will continue to request cooperation from Yes24 to enable a swift restoration of services and to facilitate investigation into the cause of the incident.
Previously, in its second announcement, Yes24 said, "We reported the ransomware infection to KISA at 1 p.m. on the day of the incident. Kwon Minseok, Yes24's Chief Security Officer, along with the relevant departments, are making every effort to analyze the cause and restore services in cooperation with KISA. According to the investigation so far, there has been no leakage or loss of any key data, and recovery work is underway based on server backups."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
