LG Electronics allegedly attacked by hackers

By Baek Byung-yeul

LG Electronics, Samsung Electronics and other Korean companies need to beef up their cybersecurity readiness levels as more hacking attempts have been reported in recent weeks amid increasing geopolitical risks around the world, sparked by Russia's invasion of Ukraine and North Korea's missile launches, cybersecurity experts here said Wednesday. Not only private enterprises, but government agencies and other state-run institutions should also be aware of the risks of cyberattacks, they added.

Korea is particularly vulnerable to attacks by hackers seeking access to information on government policies as the country is undergoing a leadership transition after the March 9 presidential election. As a result, the experts stressed that state-run institutions should be aware of possible cyberattacks and be ready to respond.

On Wednesday, a hacking group called Lapsus$ claimed that it attacked LG Electronics and Microsoft. The group claimed it stole of information on employees and customers from LG's website and added it also plans to release more in-house information belonging to LG.

Responding to the claim, an LG Electronics spokesman said, "It is estimated that some e-mail addresses of the company's employees have been leaked. The possibility of information leakage related to our technology is slim."

Not only Microsoft and LG, but other tech firms including Samsung and Nvidia have been the targets of the hacking group's attacks. The group claimed that it hacked Samsung Electronics' server on March 5. But Samsung said in an internal notice that "the leaked data so far included some source codes necessary to operate the Galaxy phones, but it was found that there was no impact on the company's business and customers."

Cyberattacks from Russia are not a huge concern for Korea. But they have become a serious concern for other countries. U.S. President Joe Biden issued a warning to American business leaders on Monday, asking them to intensify their companies' cyber defenses against possible attacks from Russia.

"The magnitude of Russia's cyber capacity is fairly consequential and it's coming," the U.S. President said. "The federal government is doing its part to get ready. But under U.S. law, as you all remember, the private sector, all of you, largely decides the protections that we will or will not take in order to protect your sources."

Shin Dae-kyu, chief of the Korea Internet and Security Agency's (KISA) Korea Internet Security Center, said the state agency recently raised its cybersecurity alert status from the second-lowest "attention" level out of a five-stage warning to "caution" as the possibility of cyber threats at home and abroad increased.

"Until now, we have adjusted the alert level by looking at the situation here and in North Korea. As the cybersecurity threats have been occurred overseas after the Ukraine crisis, we presumed that the threat is likely to spread to our country. In addition, large companies have recently been targets of attacks by hackers, so we raised the alert level," Shin said.

The cybersecurity response center chief said the agency is monitoring cyber threats more thoroughly.

"We are closely monitoring websites of domestic companies operating businesses in Ukraine and Russia. The Ukraine crisis is feared to escalate the cyber war. Domestic companies are also being monitored to see if they will become targets of retaliation," he said.

Shin added the agency is monitoring possible cyberattacks against state-run institutions as the country is in the process of transitioning to a new government.

"During the period of regime change, a lot of data related to the new government's policy are uploaded to each public institution. There may be hacking attempts targeting such information," he said.

An official at a local IT company said all cyberattacks cannot be prevented and it is important to establish a system to effectively recover from the damage.

"Not all attacks by increasingly intelligent hackers can be prevented. Therefore, it is most important to prevent the leakage of important information through cloud computing and the construction of a hybrid cloud system," the official said asking for anonymity.

Yi Ok-yeon, a professor at the Department of Information Security, Cryptology, and Mathematics at Kookmin University, and chairman of the Korea Institute of Information Security and Cryptology, said he needed more time to analyze how cyberattacks by hackers against Korean companies would be a real threat.

"I saw that domestic companies were attacked by hackers in newspaper articles. For a more accurate analysis, it would be better to look at more reliable information," he said.