North Korea's Cyber Attacks: How $2 Billion in Crypto Theft Threatens National Security

Token Post | 2026.05.11

With North Korea estimated to have siphoned off more than 2 trillion KRW (approximately 1.5 billion USD) in virtual assets last year, analysts warn that cyberattacks have evolved beyond simple data theft to become simultaneous threats to national security, industrial competitiveness and the financial order.

In its annual report released on the 10th, the National Intelligence Service’s National Cybersecurity Center said North Korean hacking has grown more sophisticated, targeting both cash and technology. Investigators found attackers exploited vulnerabilities in three document-management solutions to create administrator accounts and exfiltrate data. Officials estimate the volume of sensitive material ranges from at least 700 records to as many as 2.6 million. Because hackers focused on high-value sectors such as defense and information technology, authorities treat the incident as a loss of critical national assets in addition to corporate damage.

Intrusion methods have become far more complex. The report says North Korean groups used IT maintenance contractors as footholds to penetrate infrastructure networks, seized control of more than 20 servers and stole key materials, including engineering drawings. They also targeted open-source supply chains and used deepfake video interviews to impersonate candidates and secure sham jobs at overseas IT firms. Analysts even detected a new tactic of remotely wiping smartphones to hinder security responses. In short, hacking has expanded from exploiting system vulnerabilities to targeting people, partner firms and the broader development ecosystem.

The government has broadened its response. Cyber119, launched in August 2024, divides the country into five regions and mobilizes roughly 130 experts from 46 agencies to provide rapid early response to large-scale hacks or network paralysis. At the same time, the public sector adopted a national network security framework known as N2SF, applying tiered controls—confidential, sensitive and public—based on data criticality. Officials say this approach does not ban new technologies such as generative AI and cloud services outright but manages risk so their use can expand safely.

Over the mid to long term, authorities are preparing for the quantum-computing era. The government issued cybersecurity guidelines for space systems and finalized four Korean-style quantum-resistant cryptographic algorithms that even quantum computers would struggle to break. Officials are developing a comprehensive roadmap to transition the national cryptographic system to quantum-resistant algorithms by 2035. The National Cybersecurity Center noted last year’s large-scale personal data breaches and government network outages showed cyber threats can cause real-world harm, and it warned the focus on cyber defense will likely broaden from information protection to a core economic-security policy protecting finance, industry and government systems.