South Korea braces for cyberattack from North Korea, China, referring to ‘super-election year’

By Chanwoo Yong, The Readable
Jan. 25, 2024 9:50PM GMT+9

South Korea’s intelligence agency announced on Wednesday that it will thoroughly prepare to prevent North Korean and Chinese cyberattacks from influencing South Korea’s election.

On January 24, the National Intelligence Service (NIS) held a briefing at the National Cyber Security Center and stated that North Korea and China were identified as the main axes of cybersecurity threats to South Korea in 2023. Last year, the number of cyberattack attempts on South Korea’s public sector, conducted by state-sponsored hackers and international hacking groups, averaged 1.62 million per day. North Korea accounted for 80% of the total number of attempts, making it the most significant offender.

The NIS further stated that a significant portion of the threat directed at South Korea emanates from China, which has emerged as a major disruptor. The intelligence agency reported that although just 5% of detected and responded to cyberattacks were traced to China, these incidents represented 21% of the overall severity, considering factors like the extent of damage, significance of the targeted entities, and the methods used, placing China as the second most severe threat after North Korea. Additionally, the NIS revealed that last year, Chinese marketing firms created around 200 websites, impersonating South Korean media outlets. These sites posted pro-China and anti-United States content, which was spread through social network services by influencers.

The NIS predicts that North Korea and China will continue their aggressive campaigns against South Korea, using strategies that include disseminating fake news, producing deepfake videos, and trying to breach the election system. These actions are intended to promote national division, diminish confidence in the government, and interfere with the democratic process. “Considering that it marks a super-election year, the latest briefing is to emphasize the need in strengthening our guard,” said an official of the NIS to The Readable. This year, elections are being held in 76 countries worldwide, including South Korea’s national assembly election in April and the United States’ presidential election in November.

Furthermore, the NIS said that they will closely monitor Chairman Kim Jong-un’s directives to effectively counter North Korea’s cyberattacks. The NIS discussed the characteristics of North Korean cyberattacks, emphasizing their adaptability in response to Kim. Following Kim’s orders early last year to solve the food shortage problem, North Korean hackers intensively targeted South Korean agricultural and fishery organizations. After a directive issued last August to bolster North Korea’s naval strength, they infiltrated South Korean shipbuilding companies and stole blueprints and designs. And last October, subsequent to Kim’s orders to enhance drone production, they continued to collect data on drone engines.

The agency also disclosed plans to collaborate with related organizations to prepare for these attempts to destabilize the government during this election. The NIS has commenced joint security inspections with the National Election Commission and initiated checks on the adequacy of subsequent security measures. A task force titled “Public-Private Joint Network Security Policy Improvement Task Force,” comprising related agencies and cybersecurity experts from industry, academia, and research sectors, has been established to transition to a multi-layered security system and develop graded security policies. Plans have also been made to set up a joint response system for hacking attacks that cause digital disruptions, including the paralysis of administrative computer networks.

The cover image of this article was designed by Sangseon Kim. This article was edited by Dain Oh and copyedited by Arthur Gregory Willers.

Chanwoo Yong is a reporting intern for The Readable. Majoring in cybersecurity at Korea University, Yong has an intense interest in cybercrime and cybercriminals as well as a passion for making cybersecurity and its surrounding issues understandable to the general reader. Yong aspires to become a bridge between cybersecurity experts and the public by translating the experts’ language into layman’s terms the public can understand. Yong has worked as a data engineer for an AI Platform belonging to Korea University Anam Hospital, where he participated in research titled “Deep Learning-Based Prediction Model for Gait Recovery after Spinal Cord Injury.”