Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation. This week's edition is sponsored by Rad Security. You can hear a podcast discussion of this newsletter by searching

When Regulation Encourages ISPs to Hack Their Customers

Highlights

KT, formerly Korea Telecom, has been accused of deliberately infecting 600,000 of its own customers with malware to reduce peer-to-peer file sharing traffic. This is a bizarre hack and a great case study of how government regulation has distorted the South Korean internet.

South Korean media outlet JTBC reported last month that KT had infected customers who were using Korean cloud data storage services known as ‘webhards’ (web hard drives). The malware disabled the webhard software, resulted in files disappearing and sometimes caused computers to crash.

JTBC news says the team involved “consisted of a ‘malware development’ section, a ‘distribution and operation’ section, and a ‘wiretapping’ section that looked at data sent and received by KT users in real time”.

The company‬ ‭claims that the people involved in the webhard hack were a small group operating independently. It’s just an amazing coincidence that they just happened to invest so much time and effort into a caper that aligned so well with KT’s financial interests!‬‭

South Korea has a ‘sender pays’ model in which ISPs must pay for traffic they send to other ISPs, breaking the worldwide norm of ‘settlement-free peering’, voluntary arrangements whereby ISPs exchange traffic without cost.

Once the sender pays rules were enforced, however, KT was left with large bills from its peer ISPs for the Facebook traffic sent from the cache in its network. KT tried to recoup costs from Facebook, but negotiations broke down and Facebook disabled the cache. South Korean users were instead routed over relatively expensive links to overseas caches with increased latency.

These sender pays rules may also encourage peer-to-peer file sharing relative to more centralised pirate content operations.

An unnamed sales manager from a webhard company told TorrentFreak torrent transfers saved them significant bandwidth costs, but as long as traffic flows between ISPs, someone will pay. KT is South Korea’s largest broadband provider, so since it has more customers, peer-to-peer file sharing means that the company has to pay fees to its competitor ISPs.

Either way, this is just a great example of where unusual regulation can produce unusual results.

fun