NIS agent dies in apparent suicide
The 45-year-old NIS employee, surnamed Yim, was discovered dead at around noon on Saturday in his red passenger car parked off an isolated hillside road in Yongin, Gyeonggi. He apparently inhaled toxic fumes from a coal briquette burned in the car’s interior.
Yim, who officials said was involved in the purchase of the controversial Italian hacking programs in 2012, left his house in Yongin at around 5 a.m. Saturday morning.
Five hours later, his wife reported to 119 that she thought her husband might have gotten into an accident and requested that his location be tracked.
Rescue workers and police tracked his whereabouts through his smartphone and eventually found him dead in his car 13 kilometers (8 miles) from his home.
Police said there were no indications of tampering with Yim’s car, or any suspicious marks on his body, and his death was most likely a suicide.
A three-page note, handwritten in blue ink on yellow, lined, A4-sized notepad paper, was found on the passenger seat of the car.
In the note, according to Yongin police on Sunday, Yim wrote that the NIS did not spy on ordinary South Koreans.
He also apologized for his involvement in deleting some materials from NIS files that he said were related to counterterrorism and North Korea surveillance.
Earlier this month, WikiLeaks released over 400 gigabytes of leaked data, including internal e-mails and invoices from Italian surveillance malware vendor Hacking Team, which indicated that Korea’s NIS was a client.
Opposition lawmakers and media raised allegations that the NIS was involved in purchasing hacking software from the Italian company to spy on ordinary Koreans, especially during the 2012 presidential campaign.
“I apologize to my colleagues and the public for the big controversy,” Yim wrote in the note described by police. “I had great ardor for my work, and also worked hard with a sense of duty as an employee … It seems my extreme overzealousness in regard to my work brought about today’s situation.”
He continued, “There really was no monitoring of our people or relation to elections.”
In terms of the deletion of the materials, Yim wrote that he decided “preserving the status of the NIS was more important than any external impact” the deletions might have. He said he “deleted any material that could cause misunderstandings related to counterterrorism and North Korea operations.”
“It was a mistake due to my lack of judgement. However, there is nothing to worry about in regards to my actions, including this one,” he wrote.
The phrases “North Korea” and “cause any misunderstandings” were inserted into the sentence with arrows, indicating Yim may have deliberated over the note.
Police determined the cause of Yim’s death after an autopsy by the National Forensic Service Sunday afternoon. They said his death was from “poisoning by carbon monoxide.”
Opposition lawmakers immediately began raising questions about Yim’s suicide and the files he claimed to have deleted.
Ruling Saenuri Party lawmakers Rep. Lee Cheol-woo, said on Sunday that the deleted data was “100 percent retrievable” and that the content would be revealed when digitally restored.
He told reporters, “It seems as if [Yim] felt a lot of pressure.”
Lee added that the NIS said Yim may have deleted the data because he “may have been very worried that counterterrorism operations and North Korea agent targets will be revealed.”
However, opposition lawmakers again raised allegations that South Korean civilians may have been the target of NIS surveillance.
Last Tuesday, the National Assembly convened an intelligence committee session to question the current NIS chief about the revelations.
Lee Byung-ho, director of the NIS, told lawmakers that the agency did purchase remote control system (RCS) software in 2012, but said it was used to counter North Korean intelligence and for research purposes. He added that ordinary South Korean people were never spied on.
The RCS programs are used to hack into targets’ computers and mobile devices and monitor them.
The opposition continued to question the legality of the purchase of the programs and their management. On Wednesday, the opposition party formed an internal committee of lawmakers and civilian experts to probe the NIS controversy led by software mogul-turned politician Ahn Cheol-soo.
Lawmakers for the main opposition New Politics Alliance for Democracy (NPAD) raised new allegations on Sunday that two leaked Hacking Team log files showed that 138 South Korean IP addresses had been accessed.
The two files were dated March 4, 2014 and had durations of two minutes each.
The NPAD added that the accessed IP addresses could be tracked to telecommunications providers such as KT, schools such as Seoul National University and Kyungpook National University, media such as KBS and civilian IT firms such as Daum Kakao.
Last week, opposition lawmakers accused the NIS of using the programs to monitor civilians through their smartphones and messenger application KakaoTalk, based on leaked data from March 27, 2014.
The opposition party questioned the NIS claims that the hacking programs were used to collect information on North Korean agents or for research purposes. It added that it made no sense that the RCS software “could only track at most 20 people as the NIS claims.”
The NIS, however, said it was “unrelated” to KBS and other IP addresses appearing in the Hacking Team’s log files.
In a press conference Sunday at the National Assembly, former presidential candidate Ahn said, “A National Assembly intelligence committee or a special committee needs to hold a hearing so that NIS employees [related to the hacking program purchases], Nanatech and if needed, the Italian Hacking Team, can clear up the truth.
E-mail exchanges show that Nanatech, a Korean communications company, apparently served as an intermediary between the NIS and Hacking Team.
On Yim’s death, Ahn said, “Investigative authorities need to conduct a thorough probe and reveal the reason why he ended his life.”
BY SARAH KIM, KIM HYOUNG-GU [email@example.com]