(C) SC Media
2025 has been recorded as a year of unprecedented vulnerability for South Korea, with the personal data of nearly the entire population compromised. High-profile data breaches have struck major industry players across the board, including SK Telecom, Lotte Card, KT, Netmarble, and Coupang. While the technical methods of these cyberattacks varied, the underlying causes remain startlingly consistent: a systemic failure to uphold basic security protocols.
The "Human Error" Behind the Chaos
A government interim investigation into the KT breach revealed a shocking lack of internal control. Numerous illegal femtocells (ultra-small base stations) remained connected to the internal network for years without oversight. Furthermore, the company reportedly used the same authentication certificates for nearly a decade. Experts describe the incident as a "man-made disaster," fueled by a pervasive organizational complacency that assumed such minor loopholes would never be exploited.
The Coupang incident was even more severe, involving the leak of over 33.7 million account details. The breach, which went undetected for months, was traced back to a failure to revoke access token signing keys from a former employee. Standard security practices—such as immediately terminating access rights upon resignation and rotating encryption keys—were ignored. This lapse allowed a single insider's deviation to escalate into a national crisis.
The Paradox of Investment: AI vs. Security
The current corporate landscape presents a stark contradiction. While companies are aggressively pursuing "AI Transformation (AX)" by pouring capital into Clouds, GPUs, and Large Language Models (LLMs), investment in security remains disproportionately low.
"Security is often sidelined because it does not contribute directly to immediate revenue," says an industry insider. "In the rush toward digital evolution, the 'unsexy' work of maintaining basic hygiene is being forgotten."
The Leadership Test: Survival Over Growth
As KT prepares to appoint its next CEO, the candidate pool has been narrowed to seven individuals. While most candidates are campaigning on visions of AI-led growth, critics argue that the priority should be different. The ability to manage security risks and enforce internal controls is no longer a "back-office" concern; it is a prerequisite for survival.
The global AI industry often resembles a high-stakes "showcase," where CEOs win applause for announcing multibillion-dollar investments. However, without the discipline to change passwords regularly or decommission obsolete hardware, AI becomes nothing more than an amplifier for existing risks.
Conclusion: A Return to Basics
The message for the Korean corporate sector is clear: AI may guarantee growth, but security guarantees survival. Before dreaming of a flashy digital future, companies must first secure their foundations. True leadership in the Digital Transformation (DX) era will belong to those who understand that the most advanced technology is only as strong as its simplest defense.
[Copyright (c) Global Economic Times. All Rights Reserved.]
