|
Korea¡¯s online industry has been a flagship for the country¡¯s pop-culture and IT exports, but pride in its rapid development has tended to obscure the danger highlighted earlier this year by massive online ID theft for the online game Lineage. Cursory security measures and unnecessary real-name registration have made many websites here a magnet for hackers, with investigations showing that some 1 million Internet users fell victim to online ID theft at the hands of hackers in the Lineage fraud alone.
Thousands more hacking victims are being generated online every year. Operators of business websites are often unaware that they are being hacked or cover up attacks because they fear for their image or stock prices if the damage becomes known. Yet big portals or online news sites from Nate.com to MBC ESPN, from Mnet to OhmyNews, make ideal hunting grounds for hackers on the prowl for users¡¯ names and ID numbers. More harm still may have been done to government organizations or university websites. Geot, a local security firm, estimates that more than 4,000 hacker attacks occurred in Korea between May 2005 and January 25 this year.
Games and other websites make huge profits by skimping on the cost of preventing theft of users¡¯ private information. ¡°I once called a famous movie site to let it know that it had been hacked, but the response was, ¡®Why are you monitoring our website?¡¯¡± a staffer with a security firm said.
Many websites, from film festivals to news, needlessly continue to collect users¡¯ private information, sometimes even when they know they have been hacked. When the Ministry of Information and Communication recently checked how private information is controlled, it found that as many as 4,899 or 73 percent of 6,702 business websites required users to sign up with their resident registration numbers. A good 51 percent of them admitted the information is ¡°unnecessary,¡± but 91 percent wanted to know anyway. In other words, they collect such information for reasons other than the business in hand.
It is not easy for ordinary people to protect their privacy except by refusing to sign up. Nor is the government falling over itself to remedy the situation. A case in point is the ID theft by Chinese hackers. ID theft accounts for 70 percent of hacker attacks since 2005, but the government has done nothing to address it. ¡°Even though damage worth W7.5 trillion (US$7.5 billion) occurred in 2004 when the Internet broke down nationwide, the government has failed to learn its lesson,¡± says a staffer at computer security firm AhnLab. ¡°The Korean IT industry has rapidly grown in quantity but it still has a long way to go in terms of quality.¡±
Internet security firms say other countries are way ahead. Thus when kakaku.com in Japan was temporarily contaminated with a Trojan Horse, a malicious code that steals IDs and passwords, the operator immediately posted an apology on the website and shut it down for a week while cleansing it of all infections.
Experts say the time has come for the government and industry to repair the basic structure of the nation¡¯s jerry-built IT industry. ¡°It is important to come up with comprehensive measures to prevent any online damage now,¡± an official with the Ministry of Information and Communication says. ¡°We are considering whether to provide financial support to small and medium-sized companies to strengthening security as well as introducing alternatives to using real names and resident registration numbers online.¡±
(englishnews@chosun.com )
|
