South Korea, known for its blazing-fast internet and cutting-edge tech innovation, is now facing a growing cybersecurity crisis that exposes the fragility of its digital defenses.
The country has suffered a wave of high-profile cyberattacks in 2025, hitting credit card companies, telecoms, startups, and government institutions. These breaches have affected millions of citizens, sparking concerns about the nation’s fragmented cybersecurity system and slow response coordination.
Critics argue that the government’s disjointed structure, with multiple ministries and regulators working in silos, has made it difficult to mount swift, unified responses to cyber incidents.
“The government’s approach to cybersecurity remains largely reactive, treating it as a crisis management issue rather than as critical national infrastructure,” said Brian Pak, CEO of Seoul-based cybersecurity firm Theori, and advisor to SK Telecom’s cybersecurity committee.
Pak said South Korea’s cybersecurity agencies often operate independently, stifling long-term development and talent growth. The country is facing an acute shortage of skilled cybersecurity experts, creating a cycle where limited expertise hampers proactive defense building.
In 2025 alone, nearly every month has seen a major hack, from SK Telecom’s breach affecting 23 million users, to ransomware attacks on Yes24, and data leaks at financial firms like Lotte Card and Welcome Financial. Even North Korea-linked groups, such as Kimsuky, have intensified their espionage campaigns using AI-generated deepfakes to target South Korean defense institutions and embassies.
Related: WestJet Data Breach Exposes Personal Information of 1.2 Million Passengers
The scale of these incidents has pushed the Presidential National Security Office to take the lead. In September 2025, it announced a cross-ministerial cybersecurity plan to unify response efforts and allow government probes at the first sign of a breach, even before companies file reports.
However, experts warn that concentrating too much power in the president’s office could risk politicizing cybersecurity decisions. Pak suggests a hybrid model, with a strong central body for coordination, and technical agencies like KISA handling operations under clear accountability rules.
A spokesperson from the Ministry of Science and ICT said the ministry, alongside KISA and other agencies, remains “committed to addressing increasingly sophisticated and advanced cyber threats.”
“We continue to work diligently to minimize potential harm to Korean businesses and the general public,” the spokesperson added.
As cyberattacks grow in scale and sophistication, South Korea’s challenge will be not just defending against hackers, but rebuilding trust in its ability to respond decisively and cohesively.
