[Editorial] E-government holes

Authorities in the dark for 3 years about public officials' work system being hacked

The e-government that South Korea has boasted is having a rough time.

Serious holes came to light in the government computer network after a battery fire at the National Information Resources Service in September paralyzed electronic government services.

The Onnara System, an online platform used by civil servants when they work, is said to have been hacked and data leaked for about three years. It is the first time that the system managed by the Interior Ministry was infiltrated.

About 650 electronic signatures, called government public key infrastructure certificates, used to log on to the system were leaked. Also, the passwords of 12 users were stolen.

In August, Phrack magazine, a US publication on online cybersecurity, raised suspicions that some South Korean government agencies and private companies may have been hacked. The Interior Ministry and the National Intelligence Service on Friday confirmed the report was correct.

An inspection by the intelligence agency found hacking traces in the Onnara system, mail servers, email accounts and Government-Virtual Private Network used to access Onnara remotely through user authentication. In the private sector, two mobile carriers — KT and LG Uplus — were exposed to hacking attacks.

Authorities found that hackers had accessed data in the Onnara system from September 2022 to July this year. To enter the system, they went through the remote VPN by using the public key infrastructure certificates.

The Onnara platform is used by civil servants daily to perform their jobs. They log on to the system to send and receive numerous documents and memos on the network. It is a core work system essential for public officials to run the government.

Checks on the system so far have found that the hackers had left log failure records many times in the process of trying to enter the system, but no alert was issued. A constant mechanism to detect abnormal signs in the system did not work.

It is a serious problem that the government was in the dark about the hacking and data leak from one of its key systems for more than three years. The incident reveals how insensitive the government has been to the security of its computer networks.

The government said that shortly after recognizing the hack it undertook emergency measures to require users to take extra authentication steps, but it has not yet grasped exactly who conducted the hack and what data was leaked.

The government said the damage would not be great. That argument is unconvincing considering that the hackers looked at internal government data, and the government knows nothing about what they saw.

The incident displays the government’s chronic neglect of system breach risks. When computer networks used by local government employees were paralyzed due to defects in network equipment in November 2023, there were calls for an overhaul and repair of all government information systems. But little has changed.

The magazine report indicated that "KIM" was suspected as the culprit behind the hack, but it is not clear whether that refers to Kimsuky, a North Korean state-backed hacker group. For now, the Korean government can only assume that unidentified hackers might have penetrated the government administration network by securing passwords and authentication certificates in certain ways.

With the customer data of SK Telecom, KT and Lotte Card recently leaked, the government has floated punitive penalties for their security system failures, but now the government is in a position no different from the companies in that they have been slack in managing their computer systems.

If the government’s online networks are hacked or disrupted, people's everyday lives will suffer great damage and national security will wobble. A fire at the state data center, followed by the belated exposure of the Onnara network hack, shows gaping holes in the electronic government system.

It is necessary to examine all the government computer systems from scratch. If it ends up with just a quick fix this time, a bigger calamity could strike next time.