South Korean tax agency was not affected despite hackers’ claim

By Kuksung Nam, The Readable
Apr. 3, 2023 6:43PM GMT+9 Updated Apr. 8, 2023 1:25PM GMT+9

The National Tax Service said on Monday that they have found no evidence of data disclosure by the ransomware hacking group LockBit and stated that there was no impact on South Korean taxpayers’ records.

The NTS has been cautiously monitoring the hackers’ activities after the attackers posted the agency’s domain name on their leak site on March 29, claiming that they would publish sensitive files on April 1. A spokesperson at the NTS notified The Readable on April 1, saying that there was no information leak.

On April 3, the South Korean tax agency confirmed again to The Readable that they have found no evidence of a cyberattack deployed by the cybercriminals so far. LockBit is a notorious ransomware group, using their leak site on the dark web to reveal data that they have stolen from companies across the globe.

On the LockBit leak site, the post on National Tax Service has changed from red to green, which means that the stolen data is available for access. However, contrary to other publications, the webpage did not offer actual files or links to download the compromised information. It is assumed that the post was automatically updated following the prescheduled program without disclosing any data, according to the cybersecurity firm S2W.

This is not the first time a hacking group attempted to target the South Korean tax agency for data extortion this year. According to the South Korean lawmaker Yang Kyung-sook, the NTS has suffered from almost 550 hacking attempts from January to February of this year. The cybercriminals tried to extract information from the tax agency by using methods such as acquiring authorization to its system, manipulating websites, and deploying distributed-denial-of service or malicious code onto its web service.

In a statement to the lawmaker shared with The Readable, the NTS explained that the taxpayers’ records have not been affected by the hacking attempts.

The cover image of this article was designed by Areum Hwang.

Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.