South Korean President Yoon Suk-yeol delivered a 29-minute address on Dec. 12, defending the Dec. 3 declaration of martial law as a necessary response to what he described as the opposition’s legislative and budgetary overreach. Unlike his previous address, this speech included direct criticism of the National Election Commission (NEC).
Yoon alleged that the NEC’s systems were severely compromised, citing North Korean hacking attempts and subsequent security vulnerabilities uncovered by the National Intelligence Service (NIS). He claimed the NEC initially resisted NIS inspections, citing its constitutional independence, but relented after public pressure stemming from a hiring scandal. According to Yoon, the inspections revealed fundamental security flaws, including weak passwords and ineffective firewalls, which he argued could potentially enable the manipulation of voter records and election results.
Shortly after the speech, the NEC refuted Yoon’s claims, calling them exaggerated or false. The NEC stated that no evidence of North Korean breaches in election systems had been found and emphasized that identified vulnerabilities had been resolved ahead of the 2024 general elections. The commission also asserted that multiple layers of oversight make actual electoral fraud impossible, even in theory. Additionally, the NEC criticized Yoon’s remarks, arguing they undermined the integrity of the election system that had validated his presidency.
In this feature, The Readable explores multiple stories related to election security, including the controversy surrounding the NEC.
1. [Oct. 10, 2023] North Korea hacked South Korea’s electoral regulator, intelligence agency reveals
A North Korean state-sponsored hacking group allegedly took over a private email account belonging to one of the workers at South Korea’s electoral regulator and misused it to steal confidential information, according to South Korea’s intelligence agency on Tuesday.
The National Intelligence Service (NIS) disclosed in a press briefing that in April of 2021 the North Korean hacking group known as Kimsuky conducted a targeted attack against a senior official who worked in the National Election Commission’s regional office. The attackers disguised themselves as fellow employees to trick the victim and compromised their computers with malicious code. The NIS did not reveal the details of the data that may have been obtained by the bad actors but stated that multiple pieces of information, including confidential documents, were breached. READ MORE
2. [Jan. 25, 2024] South Korea reinspects election security prior to general election
The National Intelligence Service of South Korea (NIS) is conducting a security inspection of the National Election Commission (NEC) from January 23 to 31, fortifying national cybersecurity ahead of the general election scheduled for April.
The NIS is undertaking the inspection to ensure that the security measures and requirements instituted after last year’s investigation have been fully implemented, according to a representative of the NEC.
Last year, the NEC had its first security inspection, which occurred over three month’s time. As a result of the inspection, conducted by the NIS and the Korea Internet & Security Agency (KISA), a number of security vulnerabilities were discovered in the voting system. After the NIS revealed that the NEC system was vulnerable to ballot rigging and hacking, the NEC announced plans to improve its security posture. READ MORE
3. [Jan. 25, 2024] South Korea braces for cyberattack from North Korea, China, referring to ‘super-election year’
South Korea’s intelligence agency announced on Wednesday that it will thoroughly prepare to prevent North Korean and Chinese cyberattacks from influencing South Korea’s election.
On January 24, the National Intelligence Service (NIS) held a briefing at the National Cyber Security Center and stated that North Korea and China were identified as the main axes of cybersecurity threats to South Korea in 2023. Last year, the number of cyberattack attempts on South Korea’s public sector, conducted by state-sponsored hackers and international hacking groups, averaged 1.62 million per day. North Korea accounted for 80% of the total number of attempts, making it the most significant offender. READ MORE
4. [Jan. 31, 2024] Security outlook 2024: AI, Election, the Paris Olympics
The Readable reviewed more than 30 reports of cybersecurity predictions, published by vendors and public institutions, and pared them down to five topics: Artificial intelligence, election security, the Paris Olympics, persistent threats, and cyber insurance. Our reporters summarized each topic in approximately 300 words, based on the analysis provided by the original reports. The sources that were referenced can be found at the end of each topic, marked with a hashtag. There is also a full list of reports at the end of the articles. READ MORE
5. [Apr. 1, 2024] Google restricts political ads and AI answers on South Korean elections
Google has temporarily ceased the provision of political advertisements in South Korea in anticipation of the national assembly elections next week. Moreover, South Korean users will be unable to receive answers to election-related questions from the company’s artificial intelligence chatbot, Gemini.
In a statement on the company’s blog dated March 25, Google’s Korea team announced, “To comply with local regulations, we do not support political advertisements during the election period.” While the search giant did not specify the regulation it was adhering to, its decision appears to be influenced by the Public Official Election Act. According to this law, South Korea prohibits the use of unspecified methods for running advertisements, including broadcasters, newspapers, communications, magazines, or other periodicals for election campaigning. READ MORE
6. [Apr. 9, 2024] Rise in fake news as South Korean elections draw near
As election day draws near in South Korea, there has been a noticeable increase in the spread of fake news related to the elections.
The Korean National Police Agency (KNPA) has recently announced that, as of March 26, they have apprehended 895 individuals suspected of attempting to influence the upcoming elections. Notably, 436 of these suspects were found to be disseminating false information, representing 48.7% of the total number accused.
Furthermore, the Korean Prosecution Service (KPS) disclosed in a January press release that they have charged 113 election-related cases. These include incidents where false information was distributed to journalists through email. READ MORE
7. [Apr. 11, 2024] Election Commission identifies over 72,000 instances of misinformation about candidates
South Korea’s election regulatory agency announced on Wednesday that it had requested the removal of over 72,000 instances of false information regarding potential lawmakers ahead of the general election.
The National Election Commission (NEC) reported in a press release that it had identified 72,964 instances of violations against the country’s election laws from October 25 of last year to April 9, the day before the election. According to the Public Official Election Act, spreading misleading information about election candidates and their family members is strictly forbidden. The commission also stated that it had demanded the removal of all such unlawful content. READ MORE
8. [Apr. 18, 2024] Security in numbers: 388 deepfakes appeared in South Korean elections
In December of last year, South Korea amended the Public Official Election Act to safeguard the nation from potential harm that artificial intelligence might pose to upcoming elections.
The newly instituted Article 82-8 of the law states, “No one may produce, edit, distribute, screen, or post deepfake videos for election campaigning purposes from 90 days before election day to election day itself.” This prohibition took effect on January 29. READ MORE
Editor’s note: This week’s weekend briefing has been replaced with this feature article.
