Companies step up security as leaks continue
While it was shocking that the security of the national power system was under threat, the KHNP, power authorities and investigators couldn’t figure out how it happened.
“It was a case of national security being exposed and unprotected,” said Jung Tae-jin, CEO of Sentinel Korea, a global business risk consulting company. “It may have adverse effects on orders of nuclear power plants from other countries.”
The leaks of customer information earlier this year at KB Kookmin Card, Nonghyup Card and Lotte Card also caused major damage. Many customers canceled their credit cards and the CEOs of each of company quit one right after the another.
Then the government created a policy to make card companies compensate users up to three times the amount of their financial losses.
Due to regulations and increasing breaches of security, companies are increasingly trying to protect the information that they store.
Park Se-hyun, head of Chung-Ang University’s Industrial Security Research Center, said business security has been evolving since 2010 and companies have been investing to prevent technology leaks and safeguard their information.
Large Korean corporations have been building up their internal security units for the past decade. LG Electronics, Korean Air, SK Hynix and Hyundai Heavy Industries have all created security teams.
In the past two to three years, they have also expanded their budgets and allocated human resources to those security departments. LG Electronics has put about 12 billion won ($10.8 million) into security per year since Koo Bon-joon took over as CEO.
The company will soon be certified as BS10012, a British legal standard that recognizes safe management of personal information.
“We want to be sure that our privacy protection activities are made systematically and continuously,” said Kim Jae-soo, head of the information security team at LG Electronics.
Samsung Electronics reportedly has more than 200 employees at its information protection center. Hyundai Motor and Kia Motors also have teams to prevent possible leaks.
These companies all have very detailed security procedures, even for tasks that may seem trivial.
When LG Electronics’ 37,000 employees tap their ID cards at the turnstile on their way in to work, their smartphone cameras are automatically disabled. The same policy, started in 2012, is used at the headquarters of LG Electronics in Yeouido and at its factories around the country.
Airplane manufacturer Korea Aerospace Industries password protects all of its files.
“We made it impossible for any outside person to open files, even if the documents were leaked by hacking,” said Kang Young-joong, head of the security team at Korea Aerospace Industries.
Some companies have started using special kinds of paper, such as pieces of A4 with a small piece of metal inside that sets off an alarm if it is taken outside of a designated secure area.
Samsung Electronics started using the paper locally in 2010, and has since expanded the practice to its overseas corporations and major partners. SK Hynix, the world’s largest semiconductor maker, started using the secure paper in 2011.
“When you put the paper in the sunlight, you can see an iron core,” said a spokesman for SK Hynix. “Although it is around five times more expensive than normal paper, it is effective in maintaining security.”
“Currently, we supply the special paper to four or five organizations, including the Ministry of National Defense,” said a spokesman for Koreit, which makes the paper.
It is noteworthy that strict internal security management has become an accepted part of corporate culture.
One card company fired an employee after it was discovered that he had sent private company data via his personal email account.
“No matter how trivial the data is, all employees must use their company accounts at work,” said a spokesman for the company. “If not, it is one strike and you’re out.”
“Around 80 percent of technology leaks are done by insiders,” said an industry official. “It means that personnel verification is very important.”
Last year, a company that had developed a special desalination technique had its technology leaked, which led to damages of several trillion won.
In fact, the number of core technologies leaked abroad is increasing every year. According to the National Intelligence Service, about 40 people are caught each year for trying to send technology abroad.
“Global companies spend 0.5 percent of their revenue on security,” said Jung of Sentinel Korea. “However, Korean companies still try to fix the problems after an accident takes place. The KHNP incident has warned companies that this type of accident could happen at any time.”
BY LEE SANG-JAE, LEE HYUN-TAEK [email@example.com]