SEOUL, Reports of ransomware attacks in South Korea have surged in the past year, shutting down hospitals to shopping malls as the coronavirus pandemic led to increased online activities.
On Thursday, a major plastic surgery hospital in southern Seoul posted on its website that its servers had been breached by a ransomware attack and that hackers appear to have stolen personal data of its patients, the latest in a series of reported ransomware attacks here — a tactic used by cyber criminals to breach businesses’ systems and hold their data hostage or lock up their systems until a ransom is paid.
The number of ransomware attack reports here stood at 127 last year, more than tripling from 39 in 2019, according to the Ministry of Science and ICT. As of Friday this year, there have been 65 cases this year.
Ransomware attacks have been aimed at various businesses. Last month, food delivery company Super Hero’s operations were paralyzed for hours after a ransomware attack, impacting 15,000 delivery workers nationwide.
In November last year, local fashion and retail giant E-Land Group was breached by hackers, forcing 23 of its 50 branches of NC Department Store and NewCore Outlet to halt their operations.
Cyber security attacks have increased in not only number but also in profile as the pandemic has made online activities essential.
As companies increase reliance on remote work during the pandemic, ransomware attacks have become a greater threat as they can cripple their entire work system, said Kim Seung-joo, a cyber security professor at Korea University.
That has led more companies to pay out the ransom, which encourages even more ransomware attacks. “It’s a vicious cycle,” said Kim, urging investment into cyber security to ward off the threat in the first place.
The attacks are part of a broader global trend.
Romanian cybersecurity firm BitDefender said in a recent report that global ransomware attacks grew 485 percent last year from 2019.
Recent notable attacks include a hack last month into Colonial Pipeline, a major oil pipeline operator in the United States, which forced the company to pay US$4.4 million in ransom.
South Korea expects ransomware attacks to continue and the ICT ministry last month set up a 24-hour monitoring team to support companies targeted by the attacks.
The government currently provides support to companies that have been targeted by the attacks, such as restoring their systems.
Source: Yonhap News Agency