KT hack exposes gaps in South Korea’s cybersecurity

Fake small base stations, known as femtocells, used in the recent KT micro-payment hacking, were openly sold on Chinese websites and had already reached South Korea, authorities confirmed. Femtocells are devices that mobile carriers install to improve signal quality in areas with weak reception. In the KT case, individuals set up the devices illegally, intercepting mobile phone frequencies to steal device information. So far, personal data of 20,000 KT subscribers has been compromised, and micro-payment losses have exceeded 200 million won.

The Dong-A Ilbo investigative team contacted a femtocell seller directly, who said, “Each unit costs $10,000 and can be delivered within seven to 10 days.” Communication with the seller takes place via Telegram, and payments are made in cryptocurrency. Regarding customs clearance in South Korea, the seller claimed, “There are routes to avoid detection. We have been selling for 10 years without any problems.” The ease with which anyone could disrupt the communications network and steal personal information is deeply alarming.

Chinese authorities began cracking down on femtocell hacking in 2013 after it became a social problem, uncovering 72 criminal organizations that used the devices to send phishing messages. As these groups expanded overseas, similar incidents occurred in Vietnam, Japan, Thailand, and now South Korea, culminating in the KT micro-payment hack. Experts said the attack could have been prevented, but responses were inadequate. They also warned, “Hacking techniques have become more sophisticated, but government and corporate capacity and investment to counter hacking remain at levels from 10 years ago.”

This year, the government’s budget for cybersecurity research and development (R&D) is 212 billion won, an 11.4% increase from last year on paper. However, much of the funding is focused on AI-based hacking defenses, creating the illusion of growth, while traditional cybersecurity research budgets have actually declined. Teams of professors conducting research on dark web analysis, femtocell hacking defenses, and personal data encryption now face budget cuts and possible project termination. Experts warn that with this level of awareness and capability, it will be difficult to counter hackers armed with constantly evolving techniques. With major incidents at SK Telecom, Lotte Card, and KT compromising virtually the entire nation’s personal data, the question remains: how long will responses continue to lag behind?