If your resident registration disappeared overnight: Lessons from SK Telecom and Ukraine’s digital refuge
Published: 20 May. 2025, 00:04
Updated: 19 May. 2025, 19:17
Audio report: written by reporters, read by AI
Chae Byung-gun
The author is acting editor-in-chief at the JoongAng Ilbo.
The latest findings from a joint government-private investigation into the SK Telecom hacking incident offer a stark warning: data security is no longer a background concern — it is central to national resilience. The second investigation, released on May 19, confirmed that subscribers' identification numbers (IMSI) were breached and raised concerns that device identification numbers (IMEI) may have also been exposed. For many Koreans, this data breach became alarmingly real when they lined up outside mobile carrier stores last month — not to buy new devices, but to prevent someone from impersonating them.
In today's world, data has become a proxy for our identity. Where once we protected our grain storage and household safes, now we must protect our digital information. Shin Yong-tae, a professor of computer science at Soongsil University, noted, “Though it’s my personal opinion, we may need to consider reforming Korea’s resident registration number system from a data security perspective.”
![A person stands in front of an SK Telecom retail store in Seoul on May 2 to replace his subscriber identity module (SIM) card free of charge. [YONHAP]](https://koreajoongangdaily.joins.com/data/photo/2025/05/21/6dcaf25d-f149-4de3-9a3e-3a2e66899d69.jpg)
The notion of “data assets” carries even greater weight at the national level. Beyond physical territory, digital infrastructure has become a core pillar of government function. Ukraine’s experience in the early days of its war with Russia serves as a compelling case study.
Though Ukraine now faces mounting pressure to settle under Russian advances and a more restrained posture from U.S. President Donald Trump’s administration, its early wartime resilience was underpinned by what has been called a “digital refuge.” Just one week before Russia’s invasion, Ukraine’s parliament revised laws that had previously mandated all government and key institutional data be stored domestically. The new law allowed storage on overseas servers.
On February 24, 2022 — the day of Russia’s invasion — Ukrainian officials met with Amazon Web Services engineers to coordinate the migration of national data to cloud servers. Over the next several months, data from 42 government agencies, 24 universities, and major commercial banks were transferred to Amazon’s cloud. The information included everything from citizen registries and property records to tax filings and academic credentials — the Ukrainian equivalent of Korea’s resident registration, land registries, tax certificates, banking records and graduation documentation.
The Los Angeles Times described it as having “boxed up the Ukrainian government.” Amazon officials noted that they were “preserving verifiable records of who owned what, and where.” This enabled Ukrainians to access property records remotely and allowed the education ministry to conduct graduation exams online. Microsoft also participated, storing large volumes of Ukrainian government data on its own cloud platform.
Of course, shifting sensitive data abroad is not a decision to be made lightly. Critics argue that relying on overseas cloud providers amounts to a surrender of digital sovereignty. While Ukraine claims it encrypted its data before transferring it, the risk of insider threats or technical tampering cannot be ruled out. A Korean cybersecurity expert explained that if data centers in Seoul or Gyeonggi Province were destroyed, the damage would be catastrophic. But storing sensitive personal and financial data overseas also introduces new risks. “This debate has been ongoing in Korea for years,” the expert said.
Still, Ukraine made a high-stakes choice: better to entrust its data to big tech than to risk losing it to Russia. As one Ukrainian official put it, “Missiles can’t destroy the cloud.”
Warfare today no longer targets only physical infrastructure. Digital infrastructure — government networks, financial systems and health databases — has become fair game. While all-out war is the extreme scenario, hacking is a daily and far more immediate threat. Cyberattacks that steal, erase or hold data hostage have become commonplace, perpetrated by both criminal and state actors.
Korea is particularly vulnerable. According to cybersecurity firm Specops, between May 2000 and June 2020, Korea ranked fifth in the world in the number of cyberattacks it endured — behind only the United States, the United Kingdom, India and Germany. Korea’s geographical position places it at the center of a digital battlefield, surrounded by three of the most cyber-active states: North Korea, China and Russia.
Just hours before Russia launched its full-scale invasion, it activated malicious software called “FoxBlade,” which had been secretly embedded in Ukrainian servers. The software attempted a massive “wiper” attack, designed to erase data from government and civilian networks. As cyber warfare analyst Song Tae-eun noted in a National Diplomatic Academy paper, this digital assault came before any physical missile strike.
![SK Telecom users wait in line to switch their SIM cards at a booth in Incheon International Airport on May 8. [NEWS1]](https://koreajoongangdaily.joins.com/data/photo/2025/05/21/b6ca7a2a-9346-47e8-9128-41df54627843.jpg)
Korea should take this as a lesson. In a potential conflict, the first wave may not be military but digital — crippling administrative, financial and security systems even before physical infrastructure is hit.
Losing data can shake the foundations of a nation. The democracy Korea seeks to preserve — and the upcoming presidential election, just two weeks away — are all built on the stability and integrity of digital systems. We are now living in the age of data security. It is no longer enough to secure borders. We must secure bytes.
Translated from the JoongAng Ilbo using generative AI and edited by Korea JoongAng Daily staff.
The author is acting editor-in-chief at the JoongAng Ilbo.
The latest findings from a joint government-private investigation into the SK Telecom hacking incident offer a stark warning: data security is no longer a background concern — it is central to national resilience. The second investigation, released on May 19, confirmed that subscribers' identification numbers (IMSI) were breached and raised concerns that device identification numbers (IMEI) may have also been exposed. For many Koreans, this data breach became alarmingly real when they lined up outside mobile carrier stores last month — not to buy new devices, but to prevent someone from impersonating them.
In today's world, data has become a proxy for our identity. Where once we protected our grain storage and household safes, now we must protect our digital information. Shin Yong-tae, a professor of computer science at Soongsil University, noted, “Though it’s my personal opinion, we may need to consider reforming Korea’s resident registration number system from a data security perspective.”
A person stands in front of an SK Telecom retail store in Seoul on May 2 to replace his subscriber identity module (SIM) card free of charge. [YONHAP]
Though Ukraine now faces mounting pressure to settle under Russian advances and a more restrained posture from U.S. President Donald Trump’s administration, its early wartime resilience was underpinned by what has been called a “digital refuge.” Just one week before Russia’s invasion, Ukraine’s parliament revised laws that had previously mandated all government and key institutional data be stored domestically. The new law allowed storage on overseas servers.
On February 24, 2022 — the day of Russia’s invasion — Ukrainian officials met with Amazon Web Services engineers to coordinate the migration of national data to cloud servers. Over the next several months, data from 42 government agencies, 24 universities, and major commercial banks were transferred to Amazon’s cloud. The information included everything from citizen registries and property records to tax filings and academic credentials — the Ukrainian equivalent of Korea’s resident registration, land registries, tax certificates, banking records and graduation documentation.
The Los Angeles Times described it as having “boxed up the Ukrainian government.” Amazon officials noted that they were “preserving verifiable records of who owned what, and where.” This enabled Ukrainians to access property records remotely and allowed the education ministry to conduct graduation exams online. Microsoft also participated, storing large volumes of Ukrainian government data on its own cloud platform.
Of course, shifting sensitive data abroad is not a decision to be made lightly. Critics argue that relying on overseas cloud providers amounts to a surrender of digital sovereignty. While Ukraine claims it encrypted its data before transferring it, the risk of insider threats or technical tampering cannot be ruled out. A Korean cybersecurity expert explained that if data centers in Seoul or Gyeonggi Province were destroyed, the damage would be catastrophic. But storing sensitive personal and financial data overseas also introduces new risks. “This debate has been ongoing in Korea for years,” the expert said.
Still, Ukraine made a high-stakes choice: better to entrust its data to big tech than to risk losing it to Russia. As one Ukrainian official put it, “Missiles can’t destroy the cloud.”
Warfare today no longer targets only physical infrastructure. Digital infrastructure — government networks, financial systems and health databases — has become fair game. While all-out war is the extreme scenario, hacking is a daily and far more immediate threat. Cyberattacks that steal, erase or hold data hostage have become commonplace, perpetrated by both criminal and state actors.
Korea is particularly vulnerable. According to cybersecurity firm Specops, between May 2000 and June 2020, Korea ranked fifth in the world in the number of cyberattacks it endured — behind only the United States, the United Kingdom, India and Germany. Korea’s geographical position places it at the center of a digital battlefield, surrounded by three of the most cyber-active states: North Korea, China and Russia.
Just hours before Russia launched its full-scale invasion, it activated malicious software called “FoxBlade,” which had been secretly embedded in Ukrainian servers. The software attempted a massive “wiper” attack, designed to erase data from government and civilian networks. As cyber warfare analyst Song Tae-eun noted in a National Diplomatic Academy paper, this digital assault came before any physical missile strike.
SK Telecom users wait in line to switch their SIM cards at a booth in Incheon International Airport on May 8. [NEWS1]
Korea should take this as a lesson. In a potential conflict, the first wave may not be military but digital — crippling administrative, financial and security systems even before physical infrastructure is hit.
Losing data can shake the foundations of a nation. The democracy Korea seeks to preserve — and the upcoming presidential election, just two weeks away — are all built on the stability and integrity of digital systems. We are now living in the age of data security. It is no longer enough to secure borders. We must secure bytes.
Translated from the JoongAng Ilbo using generative AI and edited by Korea JoongAng Daily staff.
with the Korea JoongAng Daily
To write comments, please log in to one of the accounts.
Standards Board Policy (0/250자)