Home > Opinion > Columns

When the gates of Goguryeo opened from within

Published: 11 Dec. 2025, 00:02

Chae Byung-gun

The author is an editorial writer of the JoongAng Ilbo.

More than 33 million Koreans had their personal data exposed in the massive information breach at Coupang. Unlike previous incidents involving hacking from the outside — such as the SKT USIM breach, KT’s illegal base-station access, or the Upbit hack — the Coupang case was triggered from within. According to the company’s criminal complaint, a former Chinese employee continued using his authentication key long after leaving the company and extracted information over an extended period. The episode shows that Coupang’s internal security controls failed to function. Shin Yong-tae, a computer science professor at Soongsil University, warned that companies must now consider the possibility that “an employee may have joined from the start with the intention of leaking information.”

Park Dae-jun, CEO of Coupang, offers a public apology as he leaves an emergency ministerial meeting on the company’s data breach held at the Seoul Government Complex on Nov. 30. [JOINT PRESS CORPS]

Internal breaches can be more destructive than external attacks. They remain common across sectors. The damage from the leak of Samsung Electronics’ 18-nanometer DRAM technology, indicted by prosecutors in October, is enormous. With the technology passed to a Chinese firm, Samsung is estimated to have lost as much as 5 trillion won ($3.4 billion) in sales last year alone. There was also the extraordinary case of a civilian employee at the Defense Intelligence Command who, in exchange for money, handed over to China the names of undercover agents operating abroad. He received a 20-year sentence on appeal in August, underscoring the gravity of the offense. In each case, internal controls collapsed.

The government has signaled harsh punishment over the Coupang breach, and police have launched a compulsory investigation. But the response cannot stop there. This is a moment to conduct a thorough review of internal security across government ministries and public institutions. Government data includes court and criminal records, land registry documents and medical and treatment histories — information essential to the functioning of the state. If such data is leaked, exploited or corrupted, the consequences go beyond privacy loss. They can disrupt government operations. The Coupang case became public only because the perpetrator sent threatening emails. Without them, citizens might never have known their information had been compromised. If a government agency had an open back door without realizing it, the vulnerability could threaten national security at a critical moment.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), under the Department of Homeland Security, offers detailed guidelines for countering insider threats. They list seemingly small but suspicious behaviors: emails with unusually large attachments, unexplained use of scanners, copiers or cameras, attempts to print restricted documents or logging in under multiple IDs. Insider breaches, in other words, must be blocked by dense systems, not left to personal ethics.

Korean authorities must move beyond one-time inspections and verify whether insider-management systems are sufficiently rigorous and precise. Experts say the government should strengthen the authority — and accountability — of security officers, raise hiring standards for security personnel and adopt a “zero-trust” security mindset across ministries and public institutions. Attempts to downplay breaches with statements like “no confirmed leak has occurred” can no longer be tolerated.

SK Telecom's headquarters in Jung District, central Seoul is seen on May 6. [NEWS1]

Son Ki-wook, a professor at Seoul National University of Science and Technology, said the Coupang case shows the need for government as well as companies to establish clearer rules on access permissions and user privileges and to issue comprehensive insider-threat guidelines. History offers repeated lessons: National disasters often strike when internal weaknesses combine with external threats. Pyongyang’s gates fell when they were opened from within, bringing an end to Goguryeo (37 B.C.–A.D. 668), one of the Three Kingdoms of ancient Korea. In 668, the allied forces of Silla and Tang China captured the fortress after internal fractures weakened its final defenses.

The same holds true for digital defenses in the 21st century. The safest path is to strengthen both external and internal security systems so that the gates of the digital fortress do not collapse from within.

This article was originally written in Korean and translated by a bilingual reporter with the help of generative AI tools. It was then edited by a native English-speaking editor. All AI-assisted translations are reviewed and refined by our newsroom.