State agencies plagued by hacking attacks
With a series of public and private sector cyberattacks in South Korea recently, a report showed Monday that attacks against the Ministry of Health and Welfare and its affiliated agencies this year spiked 166-fold compared to last year.
The number of hacking attempts on the Health Ministry stood at 56,208 as of August, according to the ministry data revealed by Rep. Kim Sun-min of the minor opposition Rebuilding Korea Party. It skyrocketed from 338 in 2024, and was also a significant increase from 1,144 in 2022 and 211 in 2023.
When including all the ministry's affiliated agencies, the total number of cyberattacks was 552,188 in the first eight months of this year, which was up from 219,807 in 2022. Attacks against the Korea Social Security Information Service, which contains crucial information of the residents in the country, increased 20-fold to 68,494 since 3,314 in 2022.
"Hacking attacks against the ministry and the SSIS, which hold information about the residents' assets and income, have soared recently, and could result in serious damage," Kim said, urging the government to set up a special management system for state organizations with highly sensitive information that present particularly high risk upon data breach.
Though not all cyberattacks are aimed at data theft, massive personal information leaks are plaguing South Korea, as indicated by Personal Information Protection Commission data revealed last week. It showed that a total of 3.91 million pieces of personal information had been illegally taken from state-affiliated bodies last year, with this year's figure being 912,000, as of July.
How much data has been stolen either without being disclosed or detected is unclear, but reports indicate it is extensive. "APT Down: The North Korea Files," published recently in the US security magazine Phrack, showed that white hackers found evidence of continuous hacking on South Korean governments and corporations.
It was claimed in the report that the attacks were by hacking group Kimsuky, with possible involvement of Chinese hackers. A massive data dump was reportedly found on the attacker's computer, containing key information from the databases of prominent government branches including the Ministry of National Defense, the Ministry of Foreign Affairs, and the Supreme Prosecutors' Office.
Onnara Service, the pan-government network on administrative duties across all branches of the government, was alleged in the report to have been breached by hackers, although the claim was not verified by local authorities. A private contractor entrusted with development and operation of the system was confirmed to have been hacked in 2024, with the government pinpointing the North Koreans as culprits and launching an investigation in February of this year.
The network service of Onnara faced yet another bump recently, due to the massive delay in public services sparked by Friday's fire at the National Information Resources Service. The fire is thought to have been caused by a battery igniting in a server room, though an investigation is ongoing into the cause.
In addition to the attacks against the government, massive data breaches occurred at the major players in the civilian sector. This included a large-scale attacks against mobile carriers KT, SK Telecom, and credit card company Lotte Card, touching off customer complaints nationwide concerns over data safety in the country.
Copyright © 코리아헤럴드. 무단전재 및 재배포 금지.