KOMSCO (한국조폐공사)
Company Details
Linkedin ID:
komsco
Website:
Employees number:
21
Number of followers:
864
NAICS:
30
Industry Type:
Homepage:
komsco.com
IP Addresses:
0
Company ID:
KOM_1184491
Scan Status:
In-progress
KOMSCO (한국조폐공사) Company CyberSecurity Posture
komsco.com
Since 1951, Korea Minting, Security Printing & ID Card Operating Corporation (KOMSCO) has been at the forefront of safeguarding the future. As South Korea's leading state-owned enterprise, we craft high-value products, including currency, ID cards, and security documents, that are essential to the nation’s economy and infrastructure. Our commitment to cutting-edge technology and unwavering quality has made us a trusted partner, both at home and abroad. But we’re not just about tradition—we’re about transformation. KOMSCO is pioneering the future with digital currency, blockchain technology, and sustainable production practices that redefine global standards. Our dedication to innovation and social responsibility ensures that we’re not only protecting what matters today but also building a safer, more secure tomorrow. Follow us to stay updated on how we’re driving the future of security and innovation. Discover opportunities, insights, and the latest developments that set KOMSCO apart in the global marketplace. Together, we can create a world where safety and trust are never compromised. Ready to explore the future with us? Follow KOMSCO now and be part of our journey.
KOMSCO (한국조폐공사) A.I CyberSecurity Scoring
KOMSCO (한국조폐공사) Risk Score (AI oriented)Between 650 and 699
KOMSCO (한국조폐공사)
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
KOMSCO (한국조폐공사) Global Score (TPRM)XXXX
KOMSCO (한국조폐공사)
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
KOMSCO (한국조폐공사) Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
South Korean Postal Service
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The North Korean state-sponsored APT group ScarCruft launched a sophisticated malware campaign targeting South Korean users through a deceptive postal-code update notice. The attack involved a multi-stage infection process, including the deployment of ransomware (VCD Ransomware) alongside traditional espionage tools. The campaign utilized advanced techniques such as Rust-based backdoors and legitimate real-time messaging services for command-and-control, marking a significant evolution in ScarCruft's operational capabilities. The attack compromised user data and introduced ransomware, posing a severe threat to both financial and operational security.
KOMSCO (한국조폐공사) Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for KOMSCO (한국조폐공사)
Incidents vs Manufacturing Industry Average (This Year)
KOMSCO (한국조폐공사) has 42.86% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
KOMSCO (한국조폐공사) has 53.85% more incidents than the average of all companies with at least one recorded incident.
Incident Types KOMSCO (한국조폐공사) vs Manufacturing Industry Avg (This Year)
KOMSCO (한국조폐공사) reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — KOMSCO (한국조폐공사) (X = Date, Y = Severity)
KOMSCO (한국조폐공사) cyber incidents detection timeline including parent company and subsidiaries
KOMSCO (한국조폐공사) Company Subsidiaries
Since 1951, Korea Minting, Security Printing & ID Card Operating Corporation (KOMSCO) has been at the forefront of safeguarding the future. As South Korea's leading state-owned enterprise, we craft high-value products, including currency, ID cards, and security documents, that are essential to the nation’s economy and infrastructure. Our commitment to cutting-edge technology and unwavering quality has made us a trusted partner, both at home and abroad. But we’re not just about tradition—we’re about transformation. KOMSCO is pioneering the future with digital currency, blockchain technology, and sustainable production practices that redefine global standards. Our dedication to innovation and social responsibility ensures that we’re not only protecting what matters today but also building a safer, more secure tomorrow. Follow us to stay updated on how we’re driving the future of security and innovation. Discover opportunities, insights, and the latest developments that set KOMSCO apart in the global marketplace. Together, we can create a world where safety and trust are never compromised. Ready to explore the future with us? Follow KOMSCO now and be part of our journey.
Loading...
KOMSCO (한국조폐공사) Similar Companies
Mattel, Inc.
We empower generations to explore the wonder of childhood and reach their full potential. We treat play as if the future depends on it — because it does. Play is our language, and we speak to our consumers authentically by representing the world as they see and imagine it. Mattel is a leading glob
Celestica enables the world's best brands. Through our unrivaled customer-centric approach, we partner with leading companies in aerospace and defense, communications, enterprise, healthtech, industrial, capital equipment, and smart energy to deliver solutions for their most complex challenges. A le
Be part of the world’s most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force f
Colgate-Palmolive
Make More Smiles. We are Colgate-Palmolive, a caring, innovative growth company that is reimagining a healthier future for all people, their pets and our planet. For over 200 years, we've poured our care into creating a future where everyone has more reasons to smile. CP People develop, produce, dis
BSH Home Appliances Group
BSH is home to both globally established Appliance Brands*, such as Bosch, Siemens, Gaggenau, and Neff, in addition to seven local brands. With our Ecosystem Brand Home Connect and Service Brands such as Simply Yummy and BlueMovement, we offer consumers digital services and sustainable solutions to
Henkel
Henkel operates worldwide with leading innovations, brands and technologies in two business areas: Adhesive Technologies and Consumer Brands. Founded in 1876, Henkel looks back on more than 145 years of success. The company holds leading positions with its two business units in both industrial and
Tupy is a Brazilian company specialized in developing and manufacturing highly-engineered structural cast iron components applied to complex metallurgical and geometrical components extensively used in capital goods that serve freight transport, construction industry, agriculture and many others in
Electrolux Group
Electrolux Group is a leading global appliance company that has shaped living for the better for more than 100 years. We reinvent taste, care and wellbeing experiences for millions of people, always striving to be at the forefront of sustainability in society through our solutions and operations. Un
Arçelik Türkiye
Arçelik Türkiye olarak, "Dünyaya Saygılı Dünyada Saygın" misyonuyla yola çıkıyoruz ve teknoloji, insan kaynağı ve üretim gücümüzü sürdürülebilir bir gelecek için kullanıyoruz. 1955 yılında başlayan yolculuğumuz bugün, 22 marka, 46 üretim tesisi, 55.000 çalışan ve 58 ülkedeki 125 iştirak ile global
.png)
KOMSCO (한국조폐공사) CyberSecurity News
December 09, 2025 08:00 PM
PNW's College of Technology receives grants to support cybersecurity education, workforce development
HAMMOND/WESTVILLE — Purdue University Northwest's (PNW) College of Technology has been awarded more than $3 million through two separate...
December 09, 2025 07:49 PM
Alert Long Beach compromised in cybersecurity attack
The City of Long Beach announced Tuesday that the “Alert Long Beach” emergency alert platform was recently impacted by a cybersecurity...
December 09, 2025 07:18 PM
Most organizations plan to ramp up cybersecurity: Marsh
Nearly two-thirds of organizations globally plan to increase their cybersecurity spending next year, with more than a quarter expecting to...
December 09, 2025 07:00 PM
Did you know a single image file can compromise your entire phone? Cybercriminals now embed malicious code inside pictures, exploiting vulnerabilities in mobile devices. Once opened, these images can: • Install malware or spyware • Steal sensitive data •
December 09, 2025 06:58 PM
Cybersecurity Leadership Gaps Threaten Most Vulnerable Credit Unions, SBS CyberSecurity Finds
PRNewswire/ -- Despite regular risk assessments, the nation's most vulnerable credit unions — those with assets under $150 million — remain...
December 09, 2025 06:40 PM
Chart of the Day: One Name May Move the Cybersecurity Group This Week
The sector has stalled out, but the most 'influential' stock in the cybersecurity ETF reports earnings on Thursday.
December 09, 2025 06:38 PM
Cybersecurity Experts Share One Big Warning for Your Business Ahead of Holiday Break
America's cyber defense agency released advice for those leaving their work devices behind during the holidays.
December 09, 2025 06:34 PM
Rising Third-Party Risks and Persistent Ransomware Threats Drive Increased Cybersecurity Investments in 2026: Marsh Report
NEW YORK--(BUSINESS WIRE)--In a global cyber environment marked by major security lapses, cyberattacks, and technology outages, new research...
December 09, 2025 06:21 PM
Global firms to boost cybersecurity spending in 2026, Marsh report finds
Organizations worldwide plan to ramp up cybersecurity spending in 2026, with nearly two-thirds (66%) expecting to increase investments,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
KOMSCO (한국조폐공사) CyberSecurity History Information
Official Website of KOMSCO (한국조폐공사)
The official website of KOMSCO (한국조폐공사) is http://www.komsco.com.
KOMSCO (한국조폐공사)’s AI-Generated Cybersecurity Score
According to Rankiteo, KOMSCO (한국조폐공사)’s AI-generated cybersecurity score is 663, reflecting their Weak security posture.
How many security badges does KOMSCO (한국조폐공사)’ have ?
According to Rankiteo, KOMSCO (한국조폐공사) currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does KOMSCO (한국조폐공사) have SOC 2 Type 1 certification ?
According to Rankiteo, KOMSCO (한국조폐공사) is not certified under SOC 2 Type 1.
Does KOMSCO (한국조폐공사) have SOC 2 Type 2 certification ?
According to Rankiteo, KOMSCO (한국조폐공사) does not hold a SOC 2 Type 2 certification.
Does KOMSCO (한국조폐공사) comply with GDPR ?
According to Rankiteo, KOMSCO (한국조폐공사) is not listed as GDPR compliant.
Does KOMSCO (한국조폐공사) have PCI DSS certification ?
According to Rankiteo, KOMSCO (한국조폐공사) does not currently maintain PCI DSS compliance.
Does KOMSCO (한국조폐공사) comply with HIPAA ?
According to Rankiteo, KOMSCO (한국조폐공사) is not compliant with HIPAA regulations.
Does KOMSCO (한국조폐공사) have ISO 27001 certification ?
According to Rankiteo,KOMSCO (한국조폐공사) is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of KOMSCO (한국조폐공사)
KOMSCO (한국조폐공사) operates primarily in the Manufacturing industry.
Number of Employees at KOMSCO (한국조폐공사)
KOMSCO (한국조폐공사) employs approximately 21 people worldwide.
Subsidiaries Owned by KOMSCO (한국조폐공사)
KOMSCO (한국조폐공사) presently has no subsidiaries across any sectors.
KOMSCO (한국조폐공사)’s LinkedIn Followers
KOMSCO (한국조폐공사)’s official LinkedIn profile has approximately 864 followers.
NAICS Classification of KOMSCO (한국조폐공사)
KOMSCO (한국조폐공사) is classified under the NAICS code 30, which corresponds to Manufacturing.
KOMSCO (한국조폐공사)’s Presence on Crunchbase
No, KOMSCO (한국조폐공사) does not have a profile on Crunchbase.
KOMSCO (한국조폐공사)’s Presence on LinkedIn
Yes, KOMSCO (한국조폐공사) maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/komsco.
Cybersecurity Incidents Involving KOMSCO (한국조폐공사)
As of December 09, 2025, Rankiteo reports that KOMSCO (한국조폐공사) has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
KOMSCO (한국조폐공사) has an estimated 7,802 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at KOMSCO (한국조폐공사) ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: ScarCruft Malware Campaign Targeting South Korean Users
Description: The North Korean state-sponsored Advanced Persistent Threat (APT) group ScarCruft has launched a sophisticated new malware campaign targeting South Korean users through a deceptive postal-code update notice. This campaign includes ransomware and advanced espionage tools, showcasing significant evolution in the group's operational capabilities.
Type: Malware Campaign, Ransomware, Espionage
Attack Vector: Malicious LNK file embedded in a RAR archive, disguised as a postal service notification
Threat Actor: ScarCruft (APT group), ChinopuNK (subgroup)
Motivation: Espionage, Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Malicious LNK file in a RAR archive.
Impact of the Incidents
Which entities were affected by each incident ?
Incident : Malware Campaign, Ransomware, Espionage KOM917080725
Entity Type: Individuals, Organizations
Location: South Korea
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Malware Campaign, Ransomware, Espionage KOM917080725
Ransomware Strain: VCD Ransomware
Data Encryption: Files encrypted with .VCD extension
References
Where can I find more information about each incident ?
Incident : Malware Campaign, Ransomware, Espionage KOM917080725
Source: Medium
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Medium.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Malware Campaign, Ransomware, Espionage KOM917080725
Entry Point: Malicious LNK file in a RAR archive
Backdoors Established: NubSpy, CHILLYCHINO
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an ScarCruft (APT group) and ChinopuNK (subgroup).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Medium.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Malicious LNK file in a RAR archive.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=komsco' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
