[Anchor]
Among the three major mobile carriers in South Korea, only SK Telecom has been confirmed to have not encrypted the authentication key, which is core information of the SIM card.
SK's explanation that encryption was not implemented due to its slowing down of communication speeds seems inadequate.
Reporter Kang Na-ru has the details.
[Report]
At the time of the SKT hacking, the SIM card information of 25 million people was not encrypted.
This means there were no minimal protective measures in place, indicating a high vulnerability to hacking.
[Lee Jun-seok/Member of the National Assembly Broadcasting and Communication Committee/Apr. 30: "How do you view the fact that almost half of the population's major communication information was exposed because there was no field-specific encryption by a private company?"]
The leaked SIM card information includes four types of data, including the subscriber identification number, which reveals who made the call, and the subscriber authentication key, which verifies whether the person is the actual user.
Among these, the 'subscriber authentication key' is core information that serves as the final gateway for users to access the communication network.
SKT did not encrypt this important subscriber authentication key.
SKT's explanation for not encrypting the SIM card information is that it was due to it causing communication delay issues.
The logic is that it takes time to encrypt and then decrypt the data.
[Ryu Jeong-hwan/SKT Vice President: "If we decrypt it and then the call ends, we have to encrypt it again... This inevitably causes latency."]
However, KBS's investigation confirmed that KT and LGU+ encrypt all 'authentication key' values.
[Yeom Heung-yeol/Professor of Information Security at Soonchunhyang University: "Even if the control is breached, if encryption is in place, it takes time to decrypt when it goes out, making it almost useless from a hacker's perspective."]
In this situation, the Personal Information Protection Commission stated that it confirmed SKT to not have installed security programs, or antivirus software, on its major systems, while SKT explained that it had other security measures in place.
This is KBS News, Kang Na-ru.
Among the three major mobile carriers in South Korea, only SK Telecom has been confirmed to have not encrypted the authentication key, which is core information of the SIM card.
SK's explanation that encryption was not implemented due to its slowing down of communication speeds seems inadequate.
Reporter Kang Na-ru has the details.
[Report]
At the time of the SKT hacking, the SIM card information of 25 million people was not encrypted.
This means there were no minimal protective measures in place, indicating a high vulnerability to hacking.
[Lee Jun-seok/Member of the National Assembly Broadcasting and Communication Committee/Apr. 30: "How do you view the fact that almost half of the population's major communication information was exposed because there was no field-specific encryption by a private company?"]
The leaked SIM card information includes four types of data, including the subscriber identification number, which reveals who made the call, and the subscriber authentication key, which verifies whether the person is the actual user.
Among these, the 'subscriber authentication key' is core information that serves as the final gateway for users to access the communication network.
SKT did not encrypt this important subscriber authentication key.
SKT's explanation for not encrypting the SIM card information is that it was due to it causing communication delay issues.
The logic is that it takes time to encrypt and then decrypt the data.
[Ryu Jeong-hwan/SKT Vice President: "If we decrypt it and then the call ends, we have to encrypt it again... This inevitably causes latency."]
However, KBS's investigation confirmed that KT and LGU+ encrypt all 'authentication key' values.
[Yeom Heung-yeol/Professor of Information Security at Soonchunhyang University: "Even if the control is breached, if encryption is in place, it takes time to decrypt when it goes out, making it almost useless from a hacker's perspective."]
In this situation, the Personal Information Protection Commission stated that it confirmed SKT to not have installed security programs, or antivirus software, on its major systems, while SKT explained that it had other security measures in place.
This is KBS News, Kang Na-ru.
■ 제보하기
▷ 카카오톡 : 'KBS제보' 검색, 채널 추가
▷ 전화 : 02-781-1234, 4444
▷ 이메일 : kbs1234@kbs.co.kr
▷ 유튜브, 네이버, 카카오에서도 KBS뉴스를 구독해주세요!
- SKT avoided SIM data encryption
-
- 입력 2025-05-09 02:25:38
[Anchor]
Among the three major mobile carriers in South Korea, only SK Telecom has been confirmed to have not encrypted the authentication key, which is core information of the SIM card.
SK's explanation that encryption was not implemented due to its slowing down of communication speeds seems inadequate.
Reporter Kang Na-ru has the details.
[Report]
At the time of the SKT hacking, the SIM card information of 25 million people was not encrypted.
This means there were no minimal protective measures in place, indicating a high vulnerability to hacking.
[Lee Jun-seok/Member of the National Assembly Broadcasting and Communication Committee/Apr. 30: "How do you view the fact that almost half of the population's major communication information was exposed because there was no field-specific encryption by a private company?"]
The leaked SIM card information includes four types of data, including the subscriber identification number, which reveals who made the call, and the subscriber authentication key, which verifies whether the person is the actual user.
Among these, the 'subscriber authentication key' is core information that serves as the final gateway for users to access the communication network.
SKT did not encrypt this important subscriber authentication key.
SKT's explanation for not encrypting the SIM card information is that it was due to it causing communication delay issues.
The logic is that it takes time to encrypt and then decrypt the data.
[Ryu Jeong-hwan/SKT Vice President: "If we decrypt it and then the call ends, we have to encrypt it again... This inevitably causes latency."]
However, KBS's investigation confirmed that KT and LGU+ encrypt all 'authentication key' values.
[Yeom Heung-yeol/Professor of Information Security at Soonchunhyang University: "Even if the control is breached, if encryption is in place, it takes time to decrypt when it goes out, making it almost useless from a hacker's perspective."]
In this situation, the Personal Information Protection Commission stated that it confirmed SKT to not have installed security programs, or antivirus software, on its major systems, while SKT explained that it had other security measures in place.
This is KBS News, Kang Na-ru.
Among the three major mobile carriers in South Korea, only SK Telecom has been confirmed to have not encrypted the authentication key, which is core information of the SIM card.
SK's explanation that encryption was not implemented due to its slowing down of communication speeds seems inadequate.
Reporter Kang Na-ru has the details.
[Report]
At the time of the SKT hacking, the SIM card information of 25 million people was not encrypted.
This means there were no minimal protective measures in place, indicating a high vulnerability to hacking.
[Lee Jun-seok/Member of the National Assembly Broadcasting and Communication Committee/Apr. 30: "How do you view the fact that almost half of the population's major communication information was exposed because there was no field-specific encryption by a private company?"]
The leaked SIM card information includes four types of data, including the subscriber identification number, which reveals who made the call, and the subscriber authentication key, which verifies whether the person is the actual user.
Among these, the 'subscriber authentication key' is core information that serves as the final gateway for users to access the communication network.
SKT did not encrypt this important subscriber authentication key.
SKT's explanation for not encrypting the SIM card information is that it was due to it causing communication delay issues.
The logic is that it takes time to encrypt and then decrypt the data.
[Ryu Jeong-hwan/SKT Vice President: "If we decrypt it and then the call ends, we have to encrypt it again... This inevitably causes latency."]
However, KBS's investigation confirmed that KT and LGU+ encrypt all 'authentication key' values.
[Yeom Heung-yeol/Professor of Information Security at Soonchunhyang University: "Even if the control is breached, if encryption is in place, it takes time to decrypt when it goes out, making it almost useless from a hacker's perspective."]
In this situation, the Personal Information Protection Commission stated that it confirmed SKT to not have installed security programs, or antivirus software, on its major systems, while SKT explained that it had other security measures in place.
This is KBS News, Kang Na-ru.
-
-
강나루 기자 naru@kbs.co.kr
강나루 기자의 기사 모음
-
이 기사가 좋으셨다면
-
좋아요
0
-
응원해요
0
-
후속 원해요
0
오늘의 핫 클릭
실시간 뜨거운 관심을 받고 있는 뉴스
헤드라인
이 기사에 대한 의견을 남겨주세요.