Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 3 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

South Korea faces second major breach of 2014

by The Gurus
March 10, 2014
in Editor's News
Share on FacebookShare on Twitter

South Korea has suffered its second major data breach in three months, with a telecommunications company KT Corporation affected by the loss of 12 million customer records.
 
According to the Register, the South Korean Government has launched an inquiry into the breach. Despite two hackers and the CEO of a telemarketing firm being arrested last week on suspicion of infiltrating the telco giant’s servers and stealing the data, the South Korean telecoms ministry has now launched a probe, apparently ordering KT to inform customers about what happened and to allow them to check if they’ve been affected on a special website.
 
The story claimed that the data theft apparently went undetected by KT for an entire year with the suspects allegedly snatching up to 300,000 records in a single day. The nabbed details included names, registration numbers and bank account info.
 
Michael Sutton, VP of security research at Zscaler, said: “The fact that the breach at KT Corporation went undetected for a year is indicative of a disturbing trend. Even in the case of the Target and Neiman Marcus breaches, the breaches went undetected for 18 and 106 days respectively. Enterprises continue to focus almost exclusively on preventive controls and ignore detective controls.
 
“The unfortunate reality of the current cyber landscape is that infections and breaches will occur. Controls must be in place to quickly identity such scenarios and mitigate the damage. Massive files containing sensitive data such as credit card numbers and personally identifiable information should not be able to be exfiltrated from a corporate network without triggering a number of red flags.”
 
Back in January, senior executives from bank and credit card firms resigned after 20 million records from the internal servers of KB Kookmin Card, Lotte Card and NH Nonghyup Card were stolen. The data included bank account numbers, addresses and credit ratings and part of the leak occurred at local banks that shared their customer data with the affiliated credit card firms.
 
In December, personal data of some 130,000 customers of Standard Chartered Bank Korea and Citibank Korea was also stolen, the largest number in the history of the banking sector in South Korea.
 
TK Keanini, CTO of Lancope, said: “To be fair, the threat KT faces may be very advanced and, in those cases, traditional defenses are not enough. The sad reality is that these security events will continue until KT up’s their game. KT is not the first to face this type of repetitive breaches as they make an attractive target for many types of adversaries.
 
“My advice would be this: while you may never defeat your opponents’ methods to infiltrate, you can certainly make it impossible to hide and this is where the investment should be made.  The adversary here must carry out multiple steps to accomplish their objective and catching them early in this lifecycle is the only strategy that is feasible at this point.  If you can’t stop them from infiltrating, you must stop them before exfiltration of the data.”

FacebookTweetLinkedIn
Tags: Breachdata breach
ShareTweetShare
Previous Post

Cyber criminals increasingly drawn to Tor anonymity and hidden services

Next Post

Black hats drawn to TOR software

Recent News

Ransomware attack halts London trading

Ransomware attack halts London trading

February 2, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information