No external audit in seven years of military intelligence agency that leaked agent info

The Korea Defense Intelligence Command (KDIC), recently exposed for its lax security after information on undercover agents was leaked, has not undergone an external security audit in seven years.

The Defense Security Support Command building in Gwacheon, Gyeonggi is seen on Aug. 31, 2018. [NEWS1]

The Korea Defense Intelligence Command (KDIC), recently exposed for its lax security after information on undercover agents was leaked, has not undergone an external security audit in seven years. This comes after the Moon Jae-in administration revised a decree that initially required the Defense Security Command to audit the KDIC every other year, removing the authority of external organizations to do so. The KDIC is an intelligence unit operating under the Defense Intelligence Agency (DIA), which is under the control of the National Defense Ministry.

According to the office of People Power Party (PPP) Rep. Kang Dae-sik, a member of the National Assembly’s Defense Committee, and military sources, the Defense Security Command initially conducted security audits of the KDIC and the 777th Command per Article 186 of an order on the informatization of national defense, which specifies the auditing agency and target. The Defense Security Command and the Defense Intelligence Command conducted audits alternately once a year.

However, there was a change with the Moon administration launching the Defense Security Support Command after the disbandment of the Defense Security Command in September 2018 over the Defense Security Command's drafting of martial law documents. In February 2019, related orders were revised to remove the KDIC and the 777th Command from the organizations audited by the Defense Security Support Command.

After the Yoon Suk Yeol administration took office, the Defense Security Support Command became the current Defense Counterintelligence Command in November 2022, and its counterintelligence functions were strengthened, but the relevant orders were maintained.

Accordingly, the KDIC and the 777th Command have not been subject to audits by external counterintelligence organizations since the last security audit by the Defense Intelligence Command in 2017.

About this, the Defense Ministry stated in a document submitted to Rep. Kang’s office that “while revising the orders at the time, we have expanded and revised the security audit of the direct units and agencies of the ministry to be conducted by the Defense Counterintelligence Command,” adding, “however, the KDIC and the 777th Command are subordinate units of the Defense Intelligence Agency (DIA), and the DIA conducts audits every year.”

Many inside and outside the military say it is difficult to accept that the authority to audit the KDIC and the 777th Command was effectively limited to the DIA, an internal organization.

Both the KDIC and the 777th Command, directly managed and commanded by the DIA, must have stricter security as they handle important intelligence. The KDIC and the 777th Command collect information on North Korea through various means and are at the forefront of the South Korean military’s intelligence warfare.

The original purpose of the pre-revision decree was to place the KDIC and the 777th Command under the Defense Security Command’s inspection authority, considering their special nature, to require a thorough audit involving external agencies. The revision during the Moon administration has dismantled this dual audit mechanism.

According to sources, a KDIC official's recent leak to a Chinese agent of confidential information, including the list of South Korean undercover agents, was partly due to this internal auditing and lack of external audits.

The official who leaked the confidential information used about 10 mobile phones during the crime. He is believed to have secretly brought in other mobile phones in addition to the authorized phone with a mandatory security app installed and hid these other phones inside the base. Using multiple phones that he brought in this way, the official obtained the information to leak, filming level two to three secrets.

Coincidentally, the military official's leak of confidential information began in 2017, when the last security audit by the Defense Security Command was conducted.

If the security audit system of the Defense Counterintelligence Command within the military had not been neutralized, the leak of confidential information could have been detected earlier through a multifaceted audit, sources say.

“Only the KDIC and the 777th Command, which are the military’s main spy organizations, were singled out and placed outside the audit authority of the Defense Security Support Command when the orders were revised,” said Rep. Kang. “The previous government’s reduction of the scope of the Defense Counterintelligence Command to create intelligence agencies without checks and balances is tantamount to dereliction of duty.”

“We will consider improving the audit system when the regular revision of related orders and laws is discussed,” a Defense Ministry official said.

BY LEE KEUN-PYUNG, LIM JEONG-WON [lim.jeongwon@joongang.co.kr]