NIS says recovered data proves it didn’t snoop

Lee Byung-ho, director of the National Intelligence Service, speaks to the Intelligence Committee of the National Assembly on Monday. [NEWSIS]

The National Intelligence Service (NIS) reported to the National Assembly on Monday that an agent who took his own life deleted 51 files, and that the restored files show that regular South Koreans were not spied on over their mobile devices through a hacking program purchased from Italy.

In its report to the National Assembly’s Intelligence Committee, the NIS said that the agent surnamed Yim deleted 10 records of successful use of the Italian software to hack North Korea or terror-related targets before he took his own life on July 18. Another 10 files were failed hacking attempts.

The remaining 31 files were internal tests of the hacking software, it said.

The NIS emphasized that in the 20 hacking attempts on North Korean targets or terrorist suspects, “There were no cases of a South Korean target,” according to a lawmaker on the committee afterward. The agency “completely denied the allegations that South Koreans had been surveilled,” the lawmaker said.

NIS Director Lee Byung-ho presented the report to lawmakers on the Intelligence Committee at the National Assembly and swore there has not been any illegal monitoring of regular citizens.

The NIS said it recovered all the data deleted by Yim, a 45-year-old NIS employee involved in operating the hacking programs, who was found dead in his car in Yongin, Gyeonggi, on July 18. He is believed to have killed himself by asphyxiation from toxic charcoal fumes.

In a three-page handwritten suicide note, Yim denied that the NIS monitored ordinary Koreans with controversial software purchased from Italy and admitted he deleted material from NIS records that could “cause misunderstandings related to counterterrorism and North Korea operations.”

His death came after the opposition New Politics Alliance for Democracy (NPAD) accused the NIS of having used spyware purchased from Italian surveillance malware vendor Hacking Team in 2012 to monitor South Koreans over their mobile devices during general and presidential election campaigns that year. The agency claimed the programs were only used on terrorist suspects and North Korean agents.

In its report to the Intelligence Committee, the NIS added that the remote control system (RCS) software purchased from the Italian company “cannot monitor [targets] through KakaoTalk,” a widely used social messaging service. It added that the RCS program cannot be used to monitor a target over a mobile device in real time. Leaked data from Hacking Team had indicated the NIS was interested in whether the Italian hacking program could be used on the popular messaging application.

The NPAD said that unless the log files and related documents are released in their entirety, they won’t be satisfied.

NPAD lawmakers pointed out the NIS report listed North Korea agents and terrorist suspects alphabetically and that detailed information was not given on the targets.

“There was no evidence given by the NIS on its claims that KakaoTalk cannot be used for monitoring targets, and we were told to just trust them unconditionally,” said Rep. Kim Kwang-jin of the NPAD, who is on the parliamentary Intelligence Committee.

Rep. Shin Kyoung-min, another NPAD lawmaker on the Intelligence Committee, said, “The opposition party has requested a total of 34 documents [from the NIS], yet none of them have been delivered.”

Ahn Cheol-soo, who heads the NPAD’s committee to investigate the allegations and protect civilians’ privacy, emphasized in a briefing that the ongoing allegations could not be cleared so easily.

He demanded that the “requested documents [be] properly submitted, and there [be] at least five experts in attendance and at least one month of time [be] allocated.”

In regards to the NIS concluding that there had been no monitoring of ordinary South Koreans, Ahn continued, “The employee who committed suicide deleted files in a method that is 100 percent retrievable and then took his own life. That is something that nobody will be able to accept.”

He continued, “The Saenuri Party needs to stop with its irrational excuses and, rather than rejecting everything involved with the NIS, needs to resolve the allegations by accepting reasonable demands.”

Saenuri Rep. Lee Cheol-woo, who is also on the Intelligence Committee, said, “From the beginning, the NIS has said that releasing the original log file was not possible, and the Saenuri Party has firmly said it was not possible to submit that document. Instead, there were plenty of explanations on the deleted data today.”

The Seoul Central District Public Prosecutors Office on Monday forwarded the case to its public security department, as it kicks off a probe into the NIS surveillance allegations. It has dealt with other NIS surveillance allegations in 2002 and 2005.

The NPAD on Thursday filed a complaint with the prosecution against other people implicated in the case. It included Nanatech, the Korean communications company that served as an intermediary between the NIS and Hacking Team, in the complaint.

BY SARAH KIM, NAMGUNG WOOK [kim.sarah@joongang.co.kr]