Representative Lee Jeong-heon of the Democratic Party of Korea, a member of the Science, Technology, Information, Broadcasting and Communications Committee of the National Assembly, pointed out holes in the research security system of government-funded research institutes revealed by the cryptocurrency mining and research data leakage incident that occurred at the Korea Food Research Institute (KFDI) during a government audit on the 17th (Thursday).
According to data received by Rep. Lee through the Korea Food Research Institute, the cryptocurrency mining incident was revealed through the Food Research Institute’s own investigation after receiving a report of suspicion regarding bypass access in September 2023. At that time, the head of the information security team at the Korea Food Research Institute received an additional report that a server had been seen in the public relations center warehouse in the main building-dong and personally inspected vulnerable locations. As a result, a cryptocurrency mining device was discovered and confiscation was taken.
Cryptocurrency mining Mr. B committed illegal acts such as purchasing GPUs, falsifying data, and unauthorized manipulation of attendance records.
Mr. B, from the Performance Public Relations Office, instructed employees to purchase excessive amounts of expensive GPUs using the agency budget and stole employee IDs to purchase more. When two servers for cryptocurrency mining were seized during an internal information asset due diligence in October 2023, Mr. B attempted to retrieve the servers by forging the ‘GPU purchase application form’. This caused a disruption in the Korea Food Research Institute’s financial investigation work.
During the cryptocurrency mining process, Mr. B used KRW 7,862,990 from the Food Research Institute’s budget to install air conditioners, electrical work, and entry detection sensors, and earned a profit of approximately KRW 200,000. In addition, they installed communication devices without permission to operate a network for cryptocurrency mining and electronic wallet management, and even manipulated attendance records by accessing unauthorized servers, seriously threatening the food research institute’s security system.
Mr. A, the motive who helped Mr. B commit the crime, illegally leaked 52GB of research data after retirement.
The person who provided decisive help in Mr. B’s actions was his classmate, Mr. A. Mr. A is currently a professor at a national university, and even after retirement, he has been accessing the research institute’s server for 9 months through a bypass access program set up on his server. On March 30, 2024, 52GB of researcher data was illegally leaked to his server. This data is a combination of DNA information analyzed from basic data and is sample data classified as important information requiring security.
Mr. D, a fellow student of B&A, left the server administrator account unattended for a year, allowing data to be leaked.
Even after Mr. A left the company, Mr. D, the person in charge of information system management and Mr. A’s classmate, left the server administrator account information unchanged for more than a year. As a result, retired person A was able to freely access the researcher’s server from outside and leak important data.
Lee Jeong-heon “We need to respond to the Food Research Institute incident, we need to improve the security vulnerabilities of organizations that do not apply network separation.”
Rep. Lee Jeong-heon pointed out that security was breached even though the Korea Food Research Institute applied a logical network separation system and said, “This is evidence that the food research institute’s security management was not working properly.” He added, “This problem also occurred in institutions with network separation, but network separation was not He warned, “Submitted actors may be exposed to greater security threats.”
Representative Lee said, “There is a high risk of information leakage as 19 of the research groups and government-funded research institutes do not separate networks,” and “The cryptocurrency mining incident was not simply the deviation of one person, but three people from the Food Research Institute completely disrupted the security system.” This serious incident that caused the collapse should not end with only disciplinary action against the employees. “As a series of problems, such as cryptocurrency mining, researcher data leaks, and neglect of information protection, have been revealed through a report of bypass access, we must thoroughly analyze and devise countermeasures,” he strongly urged.
He said, “Unlike the Korea Food Research Institute, the security systems of organizations that do not have network separation are bound to be more vulnerable.” He added, “To prevent something like this from happening again, the Ministry of Science and Technology is preparing measures to improve network separation, and the Korea Food Research Institute is providing monthly security measures related to bypass access. He urged, “Be sure to prepare specific measures, such as inspection preparations, preventing external leakage of research data, and strengthening research server management.”
In response, Baek Hyeong-hee, director of the Korea Food Research Institute, responded, “Something that should not have happened has happened,” and “We will thoroughly analyze it and come up with countermeasures.” [email protected]
* Below is the English article translated with ‘Google Translate’ [전문]no see. ‘Google Translate’ is working to increase understanding. It is assumed that there may be errors in the English translation.
Rep. Lee Jung-heon: “Food Research Institute Cryptocurrency Mining Incident, Serious Research Security System Vulnerability”
Cryptocurrency Mining Incident Discovered by Suspected Bypass Access Report
On Thursday, the 17th, Rep. Lee Jung-heon of the Democratic Party of Korea, a member of the Science, Technology, Information, Broadcasting and Communications Committee of the National Assembly, pointed out a vulnerability in the research security system of the Korea Food Research Institute (hereinafter referred to as the Food Research Institute) that was revealed by the cryptocurrency mining and research data leak incident that occurred at the institute during the state audit.
According to the information received by Rep. Lee through the Food Research Institute, the cryptocurrency mining incident was discovered through the Food Research Institute’s own investigation after receiving a report of suspected bypass access in September 2023. At that time, the Food Research Institute’s information security team leader received an additional report that the server was seen in the warehouse of the PR building in the main building, so he personally inspected the vulnerable location and, as a result, discovered a cryptocurrency mining device and took measures to confiscate it.
Cryptocurrency mining B commits illegal acts such as purchasing GPUs, falsifying data, and manipulating attendance records without permission
B of the Performance Public Relations Office instructed employees to purchase expensive GPUs excessively using the organization’s budget, and stole employee IDs to purchase additional GPUs. In October 2023, when two servers for cryptocurrency mining were seized during an internal information asset audit, B attempted to retrieve the servers by forging a ‘GPU purchase application form’. This caused disruptions in the financial investigation of the Korea Food Research Institute.
B used 7,862,990 won of the Korea Food Research Institute’s budget during cryptocurrency mining to install air conditioners, electrical work, and access detection sensors, and earned approximately 200,000 won in profit. In addition, he installed communication devices without permission to operate a network for cryptocurrency mining and electronic wallet management, and seriously threatened the Korea Food Research Institute’s security system by manipulating attendance records through unauthorized server access.
A, a colleague who helped Mr. B commit his crime, illegally leaked 52GB of research data after retirement
The person who provided decisive assistance to Mr. B’s actions was his colleague, Mr. A. Mr. A is currently a professor at a national university, and even after retirement, he accessed the research center server for 9 months through a bypass access program set up on his server. On March 30, 2024, he illegally leaked 52GB of research center data to his server. This data is a combination of DNA information analyzed from basic data, and is sample data classified as important information requiring security.
Mr. D, a colleague of Mr. B&A, left the server administrator account unattended for a year, allowing data to be leaked
Even after Mr. A left the company, Mr. D, who was in charge of information systems management and a colleague of Mr. A, left the server administrator account information unattended for over a year. As a result, Mr. A, who had retired, was able to freely access the research center server from outside and leak important data.
Lee Jung-heon: “Food Research Institute Incident Countermeasures Needed, Security Vulnerabilities of Organizations Not Applying Network Separation Need to Be Improved”
Rep. Lee Jung-heon pointed out that the Food Research Institute’s security was breached despite its application of a logical network separation system, and warned, “This is evidence that the Food Research Institute’s security management did not work properly,” and “This problem occurred even in organizations with network separation, so research institutes without network separation may be exposed to greater security threats.”
Rep. Lee strongly urged, “19 research institutes and research institutes do not have network separation, which poses a high risk of information leakage, etc.,” and “The cryptocurrency mining incident is not simply the misconduct of one person, but a serious incident in which three Food Research Institute colleagues completely destroyed the security system, and this matter should not be concluded with just disciplinary action against the employees. A single report of bypass access revealed a series of problems, including cryptocurrency mining, researcher data leakage, and negligence in information protection, so a thorough analysis and countermeasures should be established.”
He said, “Unlike the Korea Food Research Institute, the security systems of institutions that are not network-separated are bound to be more vulnerable,” and urged, “To prevent this from happening again, the Ministry of Science and ICT should come up with measures to improve network separation, and the Korea Food Research Institute should definitely come up with specific measures, such as monthly inspections of bypass access, prevention of external leaks of research data, and strengthening management of research servers.”
In response, Baek Hyung-hee, the director of the Korea Food Research Institute, said, “Something that should not have happened has happened,” and “We will thoroughly analyze it and come up with measures.” [email protected]