With the recent appointments of the Deputy Director of the National Intelligence Service and the Cybersecurity Secretary at the Presidential Office, interagency cooperation on cybersecurity policies is expected to gain momentum.
Addressing the recent wave of North Korean and Chinese-backed cyberattacks targeting South Korean government entities and businesses has emerged as a pressing priority for these officials.
On Wednesday, industry sources reported that Kim So-jung, former head of the Emerging Security Research Division at the Institute for National Security Strategy (INSS), has been tapped as the new Cybersecurity Secretary within the National Security Council. She assumed her role on Monday, filling a position that had been vacant for two months.
The Cybersecurity Secretary is responsible for overseeing cybersecurity issues across public, private, financial, and military sectors, while coordinating related policies. This role involves collaboration with key figures such as the Deputy Director of the National Intelligence Service, who oversees national cybersecurity, the head of the Korea Internet & Security Agency (KISA), which investigates private sector incidents, and the head of the Financial Security Institute.
Industry experts unanimously stress the need for these policymakers to swiftly establish a robust cybersecurity framework capable of defending against state-sponsored attacks.
Recent intelligence has revealed that a suspected Chinese hacker group infiltrated major South Korean government ministries and telecommunications networks from late last year through June. Meanwhile, North Korea continues its campaign of attacks on cryptocurrency exchanges to secure funding.
A growing concern is the evolution of state-sponsored hacking, which is increasingly leveraging new technologies like artificial intelligence (AI). These attacks often target vulnerabilities in complex software and security equipment supply chains, leading to widespread, cascading damages.
This complexity underscores the limitations of individual agencies in addressing these threats. Rather than assigning blame to specific entities, experts advocate for fostering active information sharing and developing preventive measures at the national level.
An industry insider noted that the current landscape is characterized by simultaneous cyber incidents across public, private, and military sectors. Further noting that it’s crucial for the National Security Office, the National Intelligence Service, and KISA to continuously share damage reports and identify collaboration points to jointly develop comprehensive solutions.
In response to these challenges, the National Cyber Crisis Management Team was established in 2023, bringing together representatives from key government ministries and private sector experts.
Given the President’s call for a cybersecurity environment suited to the AI era, agency heads are also focused on enhancing capabilities in cutting-edge security technologies.
Operational technology (OT) security, in particular, is viewed as a critical component in supporting the safe AI transformation (AX) of the manufacturing sector. The government has set an ambitious target to increase AI adoption among manufacturing companies to 40% by 2030 through advancements in physical AI technology.
Another industry expert warned that as AI adoption expands the attack surface of intelligent factories, they become prime targets for ransomware, supply chain attacks, and unauthorized remote control. Further noting that however, OT security currently suffers from inadequate government investment and a shortage of skilled personnel.
Looking ahead, addressing the talent shortage in the domestic cybersecurity industry remains a long-term challenge. The recent ransomware attacks on financial institutions have underscored the growing importance of zero-trust and proactive monitoring security models. Developing a skilled workforce to meet these emerging demands will require sustained national-level initiatives.