Thursday, August 4, 2011

Time to Revamp Korea's National ID System?

I recommend another very interesting article generated by the cyber-attack and leakage of personal information from Nate and Cyworld accounts.  This one, accompanied by a nice graphic (click to see a larger version) was published in The Korea Times.
The article notes that the compromised information included names, passwords, phone numbers, e-mail addresses, and most alarmingly, resident registration numbers, the country’s equivalent to social security numbers.
Government officials insist that the country’s computer security defense is still salvageable as they scramble to apply the patchwork. But critics, unconvinced, claim it’s officially time to blow up the national ID system and start over.
``The resident registration number of virtually every Korean is out there ― the information is so easily available that police announced a while ago that hackers are barely getting 1 won for each code. And we have heard rumors that criminals are passing these numbers around in (Microsoft) Excel files,’’ said Jang Yeo-gyeong, a computer security expert at activist group Jinbo Net.
From a security standpoint, resident registration numbers are flawed from the start. The 13-digit code reveals the birth date, sex and registration site of a person, unlike comparable systems in the United States and Japan based on random numbering.
People here submit their national ID numbers to Korean Web sites due to local laws requiring them to make verifiable real-name registrations for virtually every type of Internet activity, not only for encrypted communications like e-commerce, online banking and e-government services but also casual tasks like e-mail and blogging.

No comments:

Post a Comment