[Editorial] Centralize the effort to combat cyber warfare

North Korea collected information on South Korea by impersonating reporters covering President Yoon Suk-yeol’s transition committee or posing as officials from the Korea National Diplomacy Academy or secretaries of Rep. Thae Young-ho, a North Korean defector and a member of the governing People Power Party. After a North Korean hacking group sent emails to 892 South Korean experts in diplomacy, unification, security and defense from April to October, 49 of them connected to a phishing site and handed over their sensitive documents to the hacking group in the North.

The intelligence authorities found that North Korea’s hacking of the Korea Hydro & Nuclear Power Co. (KHNP) in 2014 and the sending of emails in the name of the National Security Office in 2016 were also conducted by the hacking group named “Kimsuky.” The hacking group also planted malware in computers for users not to be able to use important data and demanded money from them. As a result, two out of the 13 small companies under attack had to pay money to the hackers.

The North’s cyber hacking and attacks are nothing new. According to the National Intelligence Service (NIS), North Korea carried out 600,000 attempts at hacking on South Korea this year alone, primarily to steal defense technology data. Since hacking cryptocurrency-trading sites from 2017, North Korea made more than 1.5 trillion won ($1.17 billion), including in South Korea, to help finance its missile development.

North Korean leader Kim Jong-un has made it official. He suggested the possibility of using cyberwar in times of crisis after comparing cyberwarfare to an “almighty weapon together with nuclear weapons and missiles.” The weight of cyberwar was proven in the Russia-Ukraine war. Two months before the aggression, Russia spread malware to major institutions in Ukraine to damage its defense capabilities. One month before the invasion, Russian hacking groups penetrated the network of the Ukraine government and financial systems of the private sector. Shortly before and after the invasion, Russia hacked most of those systems.

Despite the top-caliber IT infrastructure in South Korea, questions remain over whether the country can deal with these attacks. A big problem is the lack of an integral system to effectively cope with cyber threats from the North. In the South, the NIS is responsible for cybersecurity for the public sector, the Korea Internet & Security Agency for the private sector, and the Cyber Command for the military. We must establish a combined command center at a national level just like the United States, Japan and China.

Eleven bills related to the installation of a cybersecurity control center have been proposed since 2006. But they could not be passed due to deepening concerns about the NIS using the center as a means to spy on officials and ordinary citizens. The top spy agency plans to enact a law to set up an integral body in it, where the national security adviser serves as the chief. According to its proposal, the presidential office takes final responsibility for cyber defense and the National Assembly oversees the organization. As national security and privacy and properties are at stake, the government and the legislature must discuss it quickly beyond partisan interest.