KT to Invest Over $724 Million in Cybersecurity Following SK Telecom Data Breach
In response to heightened consumer concerns following a substantial data breach at SK Telecom, South Korean telecommunications leader KT has announced a commitment to invest more than 1 trillion won (approximately $724 million) over the next five years to bolster its cybersecurity measures. This announcement comes shortly after SK Telecom, the nation’s largest mobile carrier, pledged 700 billion won for similar enhancements in light of a massive cyberattack that compromised customers’ USIM data earlier this year.
During a media briefing in Seoul, KT’s Chief Information Security and Privacy Officer, Hwang Tae-sun, clarified that this investment strategy was in development prior to SK Telecom’s incident. Hwang cited a series of high-profile data breaches affecting major US telecommunications companies, including AT&T, T-Mobile, and Verizon, throughout 2023 as a catalyst for KT’s proactive measures.
Currently, KT is the largest domestic investor in information security, spending over 100 billion won annually. Under the new initiative, the company plans to significantly increase its cybersecurity budget to approximately 200 billion won per year, starting next fiscal year. This escalation signifies KT’s commitment to addressing vulnerabilities in the increasingly complex landscape of cyber threats.
Of the total budget, about 20 billion won will be allocated towards fostering partnerships with global technology firms. Hwang indicated that KT is particularly interested in collaborations not only with Microsoft but also with other prominent security institutions like Google and Palo Alto Networks. This strategic move aims to enhance KT’s cybersecurity posture through shared expertise and resources.
A substantial portion of the investment, amounting to 340 billion won, is designated for the fortification of the company’s “zero-trust” architecture. This model, which mandates continuous authentication and grants no automatic trust to users or devices, is critical in creating a robust cybersecurity framework. Additionally, this funding will support the enhancement of infrastructure necessary for artificial intelligence monitoring systems, which will play a crucial role in real-time threat detection.
Further, KT plans to dedicate 660 billion won to ongoing disclosures and initiatives aimed at building public trust in its cybersecurity capabilities. The remaining 50 billion won will be utilized to expand KT’s cybersecurity workforce from the current 162 employees to a targeted 300 professionals, strengthening its defensive capabilities against evolving threats.
At the briefing, KT also announced the upcoming launch of an enhanced artificial intelligence-based voice phishing detection service. Set to debut later this year, this AI tool will analyze phone conversations in real time, striving to improve fraud detection accuracy from 91.6% to 95%. This improvement is estimated to potentially prevent over 200 billion won in fraudulent losses.
In parallel, KT is upgrading its AI-driven spam filtering system for text messages, aiming to effectively identify and block new forms of spam, including investment scams and fraudulent messages mimicking social media conversations. This comprehensive approach showcases KT’s commitment to enhancing its cybersecurity infrastructure amid increasing threats in the digital landscape.
The implications of these investments are profound, especially considering the tactics commonly employed by cyber adversaries as outlined in the MITRE ATT&CK framework. Techniques such as initial access through phishing, persistence via compromised credentials, and privilege escalation to access sensitive data could have been employed in recent attacks, demonstrating the urgent need for robust cybersecurity measures across the telecommunications sector.
As KT rolls out this ambitious cybersecurity initiative, the focus remains clear: to safeguard consumer data and restore confidence in the face of mounting cyber threats.
