The Ministry of Science and ICT announced on the 9th that it shared information on problematic malware with over 6,000 corporations as part of follow-up measures to the SK Telecom hacking incident. The joint investigation team from the public and private sectors investigating the SK Telecom hacking case recently discovered a total of 12 types of malware on three home subscriber servers (HSS). These three servers are part of a total of 14 servers where SK Telecom has dispersed subscriber information, and the four types of malware that were initially disclosed were also found here.
Minister Yoo of the Ministry of Science and ICT held a public monthly briefing at the government Seoul building on 'April results and May plans for key projects in 2025' and announced the current status of the response to the SK Telecom hacking incident. He said, "We recognize that there is significant anxiety among the public due to the SK Telecom incident, and we will do our best to resolve the situation in line with the expectations of the citizens."
After receiving a report of the hacking incident from SK Telecom, the Ministry of Science and ICT requested data preservation and submission on April 21. On the same day, an expert from the Korea Internet & Security Agency (KISA) was dispatched to the site, and starting from the 23rd, the joint investigation team was formed to conduct an in-depth investigation into the incident.
On the 24th of last month, it requested stronger security checks and cooperation for situation-sharing from the three mobile carriers (SK Telecom, KT, LG Uplus). On the 25th, it shared information on the problematic malware with over 6,000 corporations and on the 26th, it shared the status of the response to the hacking incident with each ministry and requested their cooperation. It instructed SK Telecom to ▲ provide 100% compensation if damages occur despite being subscribed to the SIM protection service, ▲ support travelers abroad to ensure no delays in SIM replacements at the airport, and ▲ operate a pre-reservation system for SIM replacement.
The Ministry of Science and ICT noted, "We believe that SK Telecom's actions are still inadequate from the perspective of the public, and we conducted administrative guidance on the 1st of this month to swiftly resolve user inconveniences and prevent further damage," and said, "We demanded concrete plans that include a blanket application of the SIM protection service for vulnerable groups and a commitment to 100% compensation for user damages resulting from the hacking incident."
The Ministry of Science and ICT directed SK Telecom to provide transparent information disclosure through ▲ daily briefings that explain the current situation in an understandable manner for citizens, ▲ completely halt new recruitment of mobile service users until the stabilization of SIM supply, ▲ submit the implementation plan for the blanket application of the SIM protection service for the digitally vulnerable, and proactively explain the concrete measures for 100% compensation for user damages due to the hacking incident ▲ prepare and implement user compensation measures such as waiver of penalties, relaxation of the burden of proof for damages, and compensation for losses ▲ share situations immediately in case of operational IT failures and prevent delays in number portability through swift recovery ▲ significantly increase support personnel to ensure no inconveniences for travelers replacing SIMs at the airport.
Minister Yoo stated, "We are investigating who the hacker is, how many intrusions the servers have experienced, and whether SK Telecom has made sufficient efforts for security from various angles," and added, "The results from the joint investigation team are expected to be released by the end of June."
As SK Telecom suffered a hacking attack that led to the leakage of SIM information, there are demands that the company should waive penalties for customers wishing to change service providers. In response, Minister Yoo said, "We will discuss the issue of penalty waivers after examining the report from the joint investigation team investigating the SK Telecom incident," and added, "From SK Telecom's perspective, the penalty issue is significant, and they are approaching it with caution." He further noted, "We are thoroughly investigating technically how the hacker penetrated and what issues arose, and reviewing how SK Telecom responded."
Meanwhile, the Ministry of Science and ICT announced that, through the briefing on the 'April results and May plans for key projects in 2025', it is currently inspecting the quality of mobile communication services in the affected areas from the fire disaster in Yeongnam, where communication base stations had been damaged or lost power, since the restoration has been completed. The inspection focuses on five regions, including Gyeongbuk Yeongdeok, Cheongsong, Andong, Yeongyang, and Gyeongnam Sancheong, examining mobile transmission speed, connection success rate, and transmission success rate.
Additionally, it was announced that in the fourth week of this month, Starlink Korea will begin reviewing a cross-border supply agreement established with SpaceX headquarters in the U.S. to introduce low Earth orbit satellite communication Starlink service domestically. The review criteria include the stable provision of satellite communication services, the impact on the communication market, and user protection.
As the amendment to the enforcement ordinance of the Radio Waves Act, which focuses on the introduction of low Earth orbit satellite communication services and the simplification of satellite communication terminal installation procedures, has passed the Cabinet meeting, it is expected that Starlink's domestic entry will be possible around next month after these procedures are completed.
The Ministry of Science and ICT also plans to proceed with legislative notice within next month after collecting opinions from industry and civic groups regarding the draft enforcement regulations and guidelines of the 'Basic Act on Artificial Intelligence Development and Trust Building' (AI Basic Act).