hankyoreh

The Hankyoreh confirmed that South Korea’s largest internet service providers - including SK Telecom (SKT), LG Uplus (LGU+), and KT - contacted Cisco, a US company that makes routers and other network equipment, in connection with documents leaked by Edward Snowden, former contractor for the US’s National Security Agency (NSA). According to the documents, the US has been putting bugs in Cisco’s routers and using them for online snooping.

South Korea’s largest internet service providers

With South Korea government agencies like the National Intelligence Service (NIS) and the Ministry of Science, ICT and Future Planning sitting on their hands, companies in the private sector were forced to take action themselves.

When asked by a Hankyoreh reporter whether it had contacted Cisco after Snowden leaked documents last year detailing how the NSA had installed “backdoor” hacking programs in some of Cisco’s routers, SK Telecom responded on Oct. 19 that it had done so. Company representatives added that no vulnerabilities had been detected.

Responding to the same question, LG Uplus said it had contacted Cisco as well.

“We asked Cisco Korea whether backdoor software had been installed, and the response we received from Cisco was that they abide by the ethical and legal regulations of the country in question,” a KT representative said.

“We made our inquiry not in 2014 but at the end of 2012. The end of 2012 was when the possibility of installing backdoor software in network equipment became an issue in the industry, and we made inquiries with the network equipment companies that we do business with, including Cisco,” the representative went on to say.

A router is an essential component in an online network. It serves as a kind of interchange on the information superhighway, finding and guiding internet packets toward the optimal route. Producing the routers used in a large-scale network demands a high level of technology, and products by US companies like Cisco and Juniper are widely used.

To date, the South Korean government has yet to investigate or take any measures in response to the suspected hacking of imported US routers. Instead, it has been private companies -- the internet service providers -- that have taken on the task.

“I am not aware of any direct government investigation or measures in response to Snowden‘s allegations of router hacking,” said a source with the cyber infringement response division in the Ministry of Science, ICT and Future Planning (MSIP).

A similar message was echoed in a telephone interview by Kim Kwang-ho, director of the MSIP’s National Security Research Institute, which is tasked with researching cyber security.

“We don‘t do that unless we get a mission,” Kim said. “There haven’t been any research and development orders related to [the possibility of Cisco router hacking].”

The National Intelligence Service, which supervises practical duties related to online security, said it could “not confirm” when asked.

Since introducing routers made by China’s Huawei last year, the MSIP has set up a network security research team with 17 members, including civilian experts, to explore the possibility of online network device hacking. Even when the Cisco hacking allegations surfaced during their examination, no specific investigation or measures were undertaken. Numerous security experts who participated on the team told the Hankyoreh that Cisco had been a topic of discussion at the time of revelations, but only in passing by professors.

The MSIP also conducts emergency reviews of important communications infrastructure when deemed necessary. Four such emergency security reviews have been carried out since 2003, but none was performed in connection with the Snowden revelations.

By Ko Na-mu and Kwon Oh-sung, staff reporters

Please direct questions or comments to [english@hani.co.kr]