in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Data Security: SK Communications Data Breach Due To "Cheap" Foreign Antivirus Software

I'm stepping away from disk encryption today to explore an issue surrounding antivirus software (in a totally cursory, non in-depth way) that popped in the South Korean media.

Norton is Cheap Software?

According to news reports in Korean media, SK Communications (SK Comm ) has been accused of using "cheap" antivirus software.  If you're not aware, SK Comm is the company behind websites Nate and Cyworld: they had a total of 35 million members and their site was hacked in July.

To put that into context, the official tally of the South Korean population is at 49 million.  In other words, 70% of Koreans were affected by this breach (including yours truly).  Obviously, there was going to be a government investigation.

According to South Korean media, the Korean Committee on Culture, Sports, Tourism, Broadcasting & Communications released a report yesterday noting that, of the 50 or so antivirus software available in the Korean market, SK Comm used Norton from Symantec.

Per the articles covering the issue, the specific malware that caused the SK Comm breach was detected by five particular antivirus solutions.  Norton was not part of that group of five.  However, it appears that Norton is less expensive than some solutions that were tested.

This prompted the Committee to slam SK Comm for using "cheap" foreign antivirus software and accused it of being pennywise and pound foolish.  And by slammed SK Comm I mean they brought in the CEO and told it to his face.

The report was also pointed out that of the six major Korean portals and telecommunications companies, five of them used a domestic antivirus solution (Ahn Lab) while SK Comm was the odd man out.  SK Comm was hacked, the others weren't.  The implication is, do the math.

The CEO was also warned by a member of the Korean Assembly (and Committee member) that if SK Comm does not pay damages for the breach, there would be a class action lawsuit...led by the Assemblyman himself! (Link here if you read Korean).

Cheap Also Means Worthless, Suspect

It's debatable whether Ahn Lab's solution is better than Norton (some point out that Ahn Lab is totally focused on the Korean market and its electronic ills, possibly making it a better solution in the small East Asian peninsula, the nature of the internet notwithstanding).  It's also debatable whether Norton is any good along with all other antivirus software (I know plenty of people who've sworn off AV products in general because the protection/performance ratio is below their personal expectations while the annoyance ratio is off the charts).

But to classify Norton as "cheap" antivirus software in relation to other similar solutions?  Like in many cultures, the word "cheap" in Korean doesn't necessarily mean "bargain" as much as it means "worthless" or "suspect" when it comes to goods and services, and the Korean populace has gone to the message boards to ridicule the Assemblyman and the Committee's report (and their cluelessness) for making such a statement.

Personally, I'm beginning to understand why Korea has seen massive data breaches crop up every other week in the past four months (or, at least, it certainly feels that way).  It's quite obvious that people at the head of organizations, be it the government or companies, have absolutely no idea what is involved when it comes to data security, and are busy treating the symptoms while letting the wounds fester.

I don't have a problem with the Committee's findings that somehow the right product would have prevented the breach from happening.  In hindsight, that's certainly true.

However, there's also the implication that the "right" or expensive product will protect prevent data breaches from happening and that's patently untrue.  SK Comm shouldn't be criticized for choosing one antivirus software over another.

Where's the report on the real issues?  How often does the company conduct a security audit?  How often / fast do they apply patches?  Do they have the correct policies in place?  What are they doing for access control?


Related Articles and Sites:
http://media.daum.net/digital/others/view.html?cateid=100031&newsid=20110922185613187&p=moneytoday&t__nil_economy=downtxt&nil_id=5
http://ntn.seoul.co.kr/?c=news&m=view&idx=117411

 
<Previous Next>

Disk Encryption Software: Simon Yanez DDS Notifies Breach, 10,000 Affected

Third Sector Encryption: Protecting Non-Profit, Non-Governmental Data

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.