Cyberattacks against South Korea’s weather agency spiked

By Kuksung Nam, The Readable
Oct. 5, 2023 10:38PM GMT+9 Updated Oct. 5, 2023 10:43PM GMT+9

South Korea’s weather agency is facing a wave of increase in bad actors who are trying to infiltrate the agency and its relevant organizations.

The Korea Meteorological Administration (KMA) detected more than 4,000 cases of cyberattacks deployed against the organization and its 18 affiliated offices last year, according to South Korean lawmaker Woo Won-shik on Thursday. The number spiked nearly 278% compared to six years ago. The lawmaker stated that KMA discovered 1,095 cases of hacking attempts in 2016.

Bad actors adopted multiple methods to gain access to their target over the past several years. In more than half of the total discoveries, cybercriminals tried to abuse the security flaws in the agency’s websites. The hackers also attempted to gain unauthorized access to the administration pages and applied scanning tools to find the information they needed such as the server’s vulnerabilities. Woo stated that South Korea’s weather agency saw a decrease in hacking attempts using computer viruses which recorded 56 cases in 2016 and 4 cases in 2022 respectively.

Cybercriminals appear to continue their efforts to compromise South Korea’s weather agency this year. According to Woo, more than 2,500 cases of hacking attempts were conducted against the targets from January to August. In addition, the South Korean intelligence agency revealed in July that they discovered malware embedded inside a measuring instrument made in China the month before. According to the country’s news outlets, the device was originally purchased by the KMA.

The lawmaker asserted that the workforce in the KMA’s cyber security center should increase to effectively protect valuable assets and information generated internally. The KMA opened the security center in 2010 to swiftly defend the organization from advanced cyber threats. The lawmaker’s office also criticized the insufficient workforce last year which was ranked second to last among six cyber security centers operated by six different government organizations in 2021.

The KMA explained to The Readable that they successfully blocked all the hacking attempts targeting the organization and its affiliated offices. Furthermore, an official of the KMA clarified that they were not impacted by the Chinese-made device, but noted that they could not disclose further details as the case is still undergoing investigation.

The cover image of this article was designed by Sangseon Kim.

Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and privacy by engaging with industry giants, foreign government officials and experts. Before joining The Readable, Kuksung reported on politics for one of South Korea’s top-five local newspapers, The Kyeongin Ilbo. Her journalistic skills and reportage earned her the coveted Journalists Association of Korea award in 2021 for her essay detailing exclusive stories about the misconduct of a former government official. She holds a Bachelor’s degree in French from Hankuk University of Foreign Studies, a testament to her linguistic capabilities.