SK Shieldus emphasized that as cyber attacks become more sophisticated with the rise of artificial intelligence (AI), a company's security competitiveness relies not only on its ability to prevent attacks but also on how quickly and accurately it can respond after an incident occurs.
On June 18, SK Shieldus announced the release of a technical report analyzing real investigation cases from its incident response team, Top-CERT, ahead of Information Security Month in July.
According to the report, the number of reported cyber incidents in South Korea surged to 2,383 in 2025, nearly doubling from 1,277 in 2023. As attacks become more advanced, the ability to accurately identify the causes, infiltration routes, and extent of damage has emerged as a core aspect of a company's security competitiveness.
The report pointed out that while many companies invest in security solutions and preventive measures, they often focus on restoring services after an incident occurs, neglecting to thoroughly investigate the infiltration routes and internal spread. This oversight increases the likelihood of reinfection or repeated breaches exploiting the same vulnerabilities.
Top-CERT highlighted through actual incident response cases that investigating cyber incidents is not merely about damage control but is a crucial investment to protect a company's financial assets and brand trust. The report included examples of ransomware attacks where memory forensics were used to obtain decryption keys, allowing data recovery without paying ransoms, and cases where restored logs helped quantify the extent of personal data breaches, reducing excessive compensation costs and confusion.
Additionally, the report detailed instances where the initial infiltration routes of manufacturing companies repeatedly infected with ransomware were identified to prevent reinfection, as well as cases where supply chain attacks were traced back to the attackers' cloud storage to confirm actual data breaches. These examples illustrate that identifying the causes of incidents, determining the extent of damage, and establishing prevention systems are key elements in enhancing a company's cyber resilience.
Kim Byung-moo, Vice President of Cybersecurity at SK Shieldus, stated, "Today, a company's security competitiveness is determined not only by how well it can prevent attacks but also by how quickly and accurately it can respond after an incident occurs. Investigating cyber incidents is not just a cost for damage control; it is an essential investment to protect a company's core assets and brand trust."
* This article has been translated by AI.
Copyright ⓒ Aju Press All rights reserved.