
Database management system (DBMS) 'Tibero 7' that was targeted by cyber attacks [Reporter Kwon Je-in/eyre@]
[Herald Economy=Reporter Kwon Je-in] It has been confirmed that Tmaxsoft Tibero, a domestic database (DB) specialist company, was hacked but failed to recognize the attack. Since the software was used by government agencies and major companies, concerns are being raised that lax security at IT companies could lead to greater damage.
According to Herald Economy's investigation on the 17th, it was confirmed that Tmaxsoft Tibero only became aware of the cyber attack after receiving notification from Gyeonggi Southern Police Agency's Security Cyber Investigation Division in July. Tibero Tmaxsoft subsequently reported the breach to the Korea Internet & Security Agency (KISA).
It was confirmed that Tibero Tmaxsoft was unable to specify the damage period even after reporting the incident.
The industry believes that hackers were attempting to use Tmaxsoft Tibero's software to hack into national, public agencies, and companies.
'Tibero,' which had been replaced with malicious files, is a database management system (DBMS) used by approximately 1,400 customer companies including the Ministry of the Interior and Safety, the National Police Agency, Samsung Electronics, and Hyundai Motor. Tibero has achieved high market share, recording No. 1 sales among DBMS software on the Korea Public Procurement Service's Digital Service Mall for 8 consecutive years.
It was revealed that hackers hacked Tmaxsoft Tibero's customer support site and uploaded malicious files in place of Tibero 7 installation files. The structure allowed malicious code to be distributed when customer companies unknowingly downloaded the malicious files.
In particular, hackers deleted the malicious files and re-uploaded normal files to evade detection.
Tmaxsoft Tibero explained that it is conducting a comprehensive investigation of customer companies that downloaded the files through a joint investigation with KISA, with particular focus on customers who downloaded it within the past year. It was reported that no hacking damage has been confirmed at customer companies so far.
A Tmaxsoft Tibero official stated, “We discovered security shortcomings and recently completed reinforcements,” adding “We are responding in accordance with KISA guidelines.”
------------
V3, Hancom, TMAX... ultimately the government is feeding them all...
At this level, shouldn't they be imposing penalties...