South Korea, a digital leader, faces escalating cyberattacks due to its rapid technological advancement and fragmented cybersecurity defenses. The country has experienced a major cybersecurity incident every month in 2025, affecting various sectors including retail, finance, and telecommunications.
Key issues include:
- A fragmented system of government ministries and agencies leading to slow and uncoordinated responses.
- A severe shortage of skilled cybersecurity experts.
- Reactive rather than proactive cybersecurity measures.
Notable incidents include data breaches at GS Retail, Wemix, Albamon, SK Telecom, Yes24, and Lotte Card. North Korea-linked hackers, such as the Kimsuky group, have also targeted South Korean organizations and embassies using advanced techniques like AI-generated deepfakes.
In response, the South Korean Presidential Office is tightening defenses through an interagency plan and considering legal changes to launch probes at the first sign of hacking. However, concerns remain about potential politicization and overreach.
Experts suggest a hybrid model with a central body for strategy and coordination, alongside independent oversight and expert agencies like KISA for technical work.