SK infosec

Go to Body

SK infosec News

SK infosec acquired “AWS Security Competency” ∙∙∙ First among domestic technology partners

SK infosec announced on the 21st that it had acquired the AWS (Amazon Web Services) Security Competency certification for the first time among domestic AWS technology partners. AWS Competency is a program that certifies the partner company in using AWS by industry, solution, and workload. AWS helps partners and customers grow and develop collectively with Amazon by certifying the partner companies. SK infosec obtained an advanced tier among AWS technology partners. Additionally, SK infosec was recognized as a company that could provide appropriate security technologies and services to its customers that use AWS by acquiring Security Competency. AWS partnership is divided into a consulting and technical sector. SK infosec is the only company that obtained both an advanced tier and competency in the security technology sector. Currently, SK infosec provides comprehensive security services ranging from cloud security consulting to security system development, control, and operation, based on many experts and copious business experience. SK infosec provides managed control services for AWS WAF (Application Firewall) and Amazon GuardDuty service. “The acquisition of AWS Security Competency allowed SK infosec to gain momentum on becoming the most reliable cloud security service provider in Korea. We will do our best to provide a more safe and reliable security service,” said Kim Yongcheol, head of the Cloud Business Department at SK infosec.
2020-05-21
SK infosec runs managed security services “in good condition,” despite the spread of COVID-19

- Established a Virtual War Room system and prevented gaps in customer security services by diversifying the Secudium Center in advance. SK infosec announced on the 5th that it had established a Virtual War Room system for quick response time to the spread of COVID-19 to take preemptive measures for office building disinfection, employee monitoring, and securing business continuity. “Secudium Center”, SK infosec's security operations center, provides 24/7 managed security services(MSS), even in emergency situations. In particular, multiple security operations centers are operated to enable primary and secondary backup during the COVID-19 crisis. In addition, SK infosec d an emergency working environment for active response by securing backup personnel and exchanging the workplace among controllers by changing the working method of existing personnel to prevent service shutdown. SK infosec also prepared customized response guidelines for both remote MSS customers and on-site MSS customers with different security environments. SK infosec enabled a stable security service operation in case the control center could not be operated by providing a hybrid control service that combines remote and on-site services. Furthermore, SK infosec plans to implement other response methods such as a control service operation based on telecommuting and control center relocation in consideration of the control characteristics of each dispatch service customer, and provide non-stop security services to customers with support from the main office. “SK infosec has built a systematic response proficiency while experiencing numerous cyber security crisis. We will exert our best efforts to provide security services to our customers without setbacks even though we are in an emergency due to the spread of COVID-19,” said Lee Jaewoo, vice president of Platform Business Group at SK infosec.
2020-03-05
SK infosec releases the tracking information on “Tick”, a group that hacked Mitsubishi Electric

- EQST Group released domains, malicious codes, and vulnerability information that were exploited by the Tick hacking group. EQST, the security expert group of SK infosec, announced on the 22nd that it had released an indicator of compromise related to the “Tick” hacking group known to have hacked Mitsubishi Electric in Japan. EQST Group has been continuously tracking the “Tick”. The group used hacking information shared with the Global Cyber Threat Association (CTA) and information accumulated in the Secudium Intelligence data. The group traced the Tick attack by adding forensic analysis of the Computer Emergency Response Team (CERT). The IOC released by the EQST Group included 5 domains, 138 malicious code hash information, and 2 security vulnerabilities that were exploited by the Tick hacking group in the past 6 months. Enterprises can use the IOC information when they set their security system policies. Tick hacking group has been attacked public institutions and private enterprises in Korea and Japan since the Flash Zero Day vulnerability attack in 2013. They use various attack techniques such as exploiting vulnerabilities in software products or bypassing the security systems. “In some cases, the Tick hacking group attempted to attack domestic public institutions, munitions companies, manufacturing companies, and IT companies. We need to be prepared for hacking attacks by learning from the Mitsubishi Electric hacking incident and staying ,” said Kim Seongdong, leader of SK infosec CERT.
2020-01-22
SK infosec allies with VinCSS, an information security subsidiary of Vingroup in Vietnam

- Established strategic partnership with VinCSS, an information security subsidiary of Vingroup, to develop the information security market in Vietnam. SK infosec announced on the 20th that it had signed a strategic partnership agreement for cooperation on information security business on the 19th, with the participation of Lee Yong-Hwan, CEO of SK infosec and Trac, CEO of VinCSS, at 81 Tower, Vingroup’s landmark, in Ho Chi Minh, Vietnam. VinCSS is an information security subsidiary of Vingroup, the largest private company group in Vietnam. It is expanding its business to the domestic market in Vietnam, based on the information security business of the affiliates of Vingroup. Furthermore, VinCSS also plans to expand its business to neighboring Asian countries such as Cambodia, Malaysia, Thailand, and Myanmar. The agreement was made owing to a coincidence of interests between the two companies, as SK infosec is trying to expand the global market while Vin CSS is striving to become the top information security company in Vietnam. Recently, the Vietnamese government has been increasing investment in information security amid ever increasing calls for greater security among financial institutions such as banks and insurance companies. Accordingly, the two companies expect great synergy between SK infosec, which specializes in the information security business, and Vingroup, which has secured a business network in various fields. SK infosec plans to establish its data management platform, Secudium, at the VinCSS security center by the end of this year, and to provide technology transfer, training, control operation, and sales know-how. VinCSS will provide information security services to about 30 affiliates of Vingroup and secure local customers in Vietnam, based on the establishment of the platform.
2019-11-20
SK infosec participates in “The Paris Call”, promises trust and stability in cyberspace!

SK infosec expressed its support for the “The Paris Call for Trust and Stability in Cyberspace” declaration (“The Paris Call” for short), which was published to develop common principles aimed at making cyberspace safe. SK infosec, the No.1 information security company in South Korea, has promised to cooperate with more than 560 organizations and companies around the world to make cyberspace safe by taking actions to prevent losses and threats caused by global cyber-attacks. What is “The Paris Call”? It is a new international convention that aims to set standards for cyber weapons and Internet use, which is needed to guarantee trust and stability in cyberspace. It was implemented when French President Emmanuel Macron officially announced “The Paris Call for Trust and Stability in Cyberspace” at the Internet Governance Forum held in Paris on November 12, 2018. As 560 companies and organizations have so far expressed their support, the Paris Call is developing into one of the most widely supported cyber-security initiatives in history. The Paris Call urges voluntary compliance and cooperation with cyber security principles based on the establishment of meaningful rules in cyberspace. Organizations and companies can express their cooperation with the activities discussed at various international forums in the past by signing The Paris Call. The 9 principles of The Paris Call The 9 principles of the Paris Call should be followed by members living together in various cyber spaces, which were discussed and agreed upon at various international forums. 1. Increase prevention of and resilience to malicious online activity. 2. Protect the general availability and integrity of the Internet. 3. Cooperate to prevent malign interference in electoral processes. 4. Work together to combat intellectual property violations via the Internet. 5. Prevent the proliferation of malicious ICT tools and techniques. 6. Strengthen the security of digital processes, products and services. 7. Support efforts to strengthen an advanced cyber hygiene for all actors. 8. Take steps to prevent hacking-back. 9. Promote the widespread acceptance and implementation of international norms of responsible as well as confidence-building measures. SK infosec became the first security company in Asia to join the Cyber Threat Alliance (CTA) in 2017, and has been actively responding to cyber-attacks. In particular, SK infosec will take one step further toward security cooperation in the hyper-connected era, beginning with The Paris Call.
2019-11-13
"In an e-mail opened thoughtlessly…"SK infosec EQST Group warns of attacks targeting the AD server.

SK infosec held an EQST group media meeting at main office in Pangyo, Seongnam-si, Gyeonggi-do on the 17th, and announced the risk of cyber-attacks targeting e-mails and AD servers. Citing the results of its own survey, EQST announced that the e-mail was the first intrusion path, accounting for 35% of hacking incidents recorded in the first half of this year, while hacking incidents caused by software and server security vulnerabilities, and the lack of a security policy accounted for 21%. During his presentation, Kim Sung-Dong, the team leader of EQST’s breach incident response team said that “a total of 171,400 malicious e-mails were detected in the first half of this year, which already exceeds the number of malicious e-mails detected in the whole of last year (163,387).” Given that there are still six months left of this year, he estimated that malicious e-mail attacks will more than double from the previous year in the end. He also stated that attempts to take control over AD (Active Directory) servers have been increasing this year, spreading the damage. Previously, attackers would infiltrate a corporate system using an e-mail to spread a ransomware infection or install mining-type malicious codes. Team leader Kim Sung-Dong also claimed that “A routine attack pattern has been established in which attackers gain control of an AD server after infiltration using e-mail, and spread malicious files to several systems using the Windows SMB function. Losing control of the AD server is like giving away the door keys of an entire household to a thief." He also explained the attack called “CHAD”, cases of which have actually been investigated by EQST. “CHAD” is a composite of the first two characters of the password “chapchap” used by the attacker and “AD”. He said that the CHAD attack, first detected last year, shares certain common denominators with massive attacks, including email penetration, AD server control, and SMB propagation, and that four corporations were successively attacked early this year. During the meeting, the EQST group also discussed cloud security threats, explained the security vulnerabilities of some container technologies that are used to conveniently deploy multiple applications in the cloud, and demonstrated virtual attack scenarios by exploiting those vulnerabilities. The group said that a hacker has actually infected ransomware or installed mining-type malicious codes by infiltrating the corporate cloud using such attack scenarios. * EQST : Experts, Qualified Security Team
2019-07-18
SK infosec declares the need for 'hyper-security' in the hyper-connected era, manages safety

Having presented a new paradigm of convergence security, SK infosec is expanding the scope of responsibility of cyber security at the beginning of the newly emerging hyper-connected era, and aims to become a “hyper-security” company that promotes the value of “safety” by protecting human life and property. “Secudium IoT”, the new convergence security service of SK infosec, is designed to protect human life and property from safety accidents and disasters by converging security technology with safety management technology. To this end, the cyber security control platform “Secudium”, which collects and analyzes threat data, has been re-designed to support the safety management domain. Secudium internalizes core technologies that collect, analyze and process the log information of cyber security systems, and the risk response/management process. Based on this core technology, SK infosec has extended the scope of Secudium’s data processing capacity to include physical, operational technology (OT), as well as the internet of things (IoT). The core aim of the Secudium IoT business is to develop an integrated safety system by connecting various IoT devices used in the safety management area. For example, access warning sensors can be installed in heavy equipment to prevent frequent collisions between workers and heavy equipment at industrial sites such as construction sites, factories, and logistics sites. When these sensors are connected to the Secudium IoT platform, the safety manager can respond quickly in the event of an accident, and check various types of information - such as risk frequency and accident hazards - by accumulating warning data. Using such information, risk factors can be systematically prevented or controlled by adjusting the traffic lines between workers and heavy equipment and by installing more safety management devices, among other measures. “We can reduce the risk of safety accidents significantly, as more IoT devices including CCTV, video analysis, conflict detection, and temperature sensing are added to the Secudium IoT platform, besides the access warning,” said Lee Soo-Young, director of the DS Business Group and the Secudium IoT business.
2019-06-19
SK infosec develops the cloud security market in full scale... Allies with Bitglass in the U.S.

SK infosec announced on the 10th that it signed a partnership agreement for the cooperation of cloud security business at the main office of SK infosec located at Pangyo, Seongnam, Gyeonggi-do on the 9th, with both companies’ interested parties participating including Ahn Heechul, infosec’s CEO, and David Shephard, vice-president of Bitglass Asia Pacific. SK infosec has been working to a security business model to keep pace with the rapidly changing cloud-computing era. Moreover, SK infosec regards efficiency of security and management with high importance, as companies are increasingly using multiple cloud services. As a result, SK infosec signed a business cooperation agreement with Bitglass, which as a result, secured related technologies, and will begin work earnestly. Bitglass is a cloud security company based in Silicon Valley in the United States. As its business motto indicates, Bitglass provides security services for all cloud-based applications and devices, including Google Apps, Salesforce, Evernote and Office 365. Immediately after concluding the contract, the two companies will start developing a cloud security market where demand is increasing daily. A strategy of securing customers will be established by combining cloud application security functions held by Bitglass, such as securing data visibility, user authentication, encryption, access control, and malicious code blocking, as well as managed security services and threat intelligence services of SK infosec.
2018-08-14
SK infosec expands its business front line to Japan…Joined hands with Sompo, Japan's No. 1 insurance

SK infosec announced on the 27th that it signed a partnership agreement primarily regarding security service business launching and cooperation in Japan on the evening of the 26th at the Sompo’s main office located in Tokyo, Japan, with both companies’ interested parties participating including Ahn Heechul, infosec’s CEO, and Yasushi Fuse, CEO of Sompo Risk Care Management (hereafter referred to as “Sompo Risk Care”). As the interests of SK infosec, which aims to expand its business front line to the global market, coincided with those of Sompo, which aims to develop information security, the contract between the two parties was concluded. The two companies estimated that it was the right time to enter the market, as interest in cyber security in Japan is on the rise due to the upcoming Tokyo Olympics in 2020, as well as the crypto currency exchange “Coincheck” hacking incident at the beginning of the year which caused a massive loss for many. Under the agreement, the two companies will do their part in sales, marketing, and security service management in Japan. Sompo Risk Care will start managed security services (MSS) and vulnerability assessment service sales throughout Japan, first launching in the Tokyo area. SK infosec will provide each service remotely from security operation center (SOC) located in Korea. Unlike other insurance companies that sell cyber security insurance by approaching security from the viewpoint of damage assessment, Sompo Risk Care will give priority to security service businesses when performing its sales activities. About Sompo Risk Care Management Sompo Risk Care Management was formed in 1997 as a strategic risk management company backed by abundant experience and expertise accumulated over the years as a Safety Engineering unit of Sompo Japan Nipponkoa Insurance Inc.
2018-04-27
SK infosec participated in 2018 RSA Conference… Released “Secudium IoT” to the global market

SK infosec announced on the 17th that it would participate in the “2018 RSA Conference” exhibition, the world's largest security event, that is held in San Francisco on the 16th (local time). SK infosec plans to announce “Secudium IoT”, an integrated digital security-monitoring platform, at the RSA conference this year under the flag “Connect Everything, Secure Everything”. Secudium IoT is a security platform developed by SK infosec for its next growth engine “Digital Security” business. For responding to internal and external threats, Secudium IoT collects and analyzes all the data produced by various systems such as information security, physical security, and industrial manufacturing facilities used by enterprises and industrial sites. There have been platforms that manage each area in an integrated manner, such as information and physical area, as well as industrial manufacturing facilities. However, Secudium IoT is the first product that attempts to integrate them all. As SK infosec stated it will launch a digital security business with the focus on Southeast Asian countries that shows remarkable growth trends, those countries started to build “Smart Cities” in earnest.
2018-04-17

1 2

Contact us

Contact ▲
TOP

Contact us

Contact ▲
TOP

SK infosec

SK infosec 4th&5th fl. 23, 227-gil, Pangyo-ro, Bundang-gu, Seongnam-si, Gyeonggido 13486
Business registration number : 120-86-07747 TEL : +82-2-6361-9114 FAX : +82-2-6361-9998

Open source inquiry : skinfosec.oss@skinfosec.co.kr

COPYRIGHT © 2020 SK infosec. All Rights Reserved

Family Site

SK infosec

Blog

YouTube

Family Site

SK infosec 4th&5th fl. 23, 227-gil, Pangyo-ro, Bundang-gu, Seongnam-si, Gyeonggido 13486 TEL : +82-2-6361-9114

Open source inquiry : skinfosec.oss@skinfosec.co.kr

COPYRIGHT © 2020 SK infosec. All Rights Reserved