(C) NK News

SEOUL — As the proliferation of Artificial Intelligence (AI) and cloud computing transforms the global digital landscape, South Korea’s cybersecurity infrastructure is facing a critical tipping point. Despite a record-breaking surge in hacking incidents, experts warn that both the government and the private sector remain trapped in a reactive "after-the-fact" mindset, leaving national infrastructure and corporate assets dangerously exposed.

A Record Year for Cybercrime
According to the "2025 Cyber Threat Trend and 2026 Outlook" report released by the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA), the numbers are staggering. In 2025, private-sector infringement reports reached an all-time high of 2,383 cases, a 26.3% increase from the previous year.

The escalation became particularly aggressive in the second half of 2024, with a 37% year-over-year spike. The methods of attack are also evolving:

DDoS Attacks: Doubled compared to the previous year (588 cases).
Ransomware: Increased by over 40% (274 cases).
Server Hacking: Remained the most prevalent threat, accounting for 44.2% of all incidents.
Beyond simple system intrusions, attackers are now employing sophisticated "long-term incubation" tactics to steal data, disrupt authentication systems, and leak massive amounts of customer information. This creates a vicious cycle where corporate security failures lead directly to secondary crimes like phishing and smishing for consumers.

The "Investment Gap" vs. Global Standards
While cyber warfare has entered a "wartime" state, South Korean corporate investment remains stuck in "peacetime" levels. Data from KISA reveals that for the 773 companies subject to information security disclosure, the ratio of security investment relative to total IT investment is a mere 6.3%.

This stands in stark contrast to global leaders. U.S. corporations typically allocate 13% to 14% of their IT budgets to security—more than double the Korean average. Even more concerning is the ratio of security investment to total revenue, which sits at a minuscule 0.13% for major Korean firms.

Even the nation's leading telecommunications providers, the backbone of the country's connectivity, show underwhelming figures. In 2024:

SK Telecom: 4.1% of IT budget spent on security.
KT: 6.4%.
LG Uplus: 7.4%.

Structural Weaknesses and Brain Drain
The lack of financial commitment is stifling the domestic security ecosystem. The Korea Information Security Industry Association (KISIA) noted that while physical security (such as CCTV) remains a stable export, the software-based information security sector struggles to gain global market share due to a lack of capital and a domestic-focused market structure.

Furthermore, the industry is facing a severe talent shortage. Lower wages compared to AI or general software developers, combined with the high-stress nature of 24/7 monitoring, are driving skilled professionals to foreign firms or overseas markets.

A Call for "Zero Trust" and Leadership
Experts argue that the vulnerability of Korea’s cyberspace is not a technical failure, but a structural and perceptual one. Lee Won-tae, a professor at Kookmin University and former president of KISA, warned that if the status quo continues, "the first link to break will be our national communication infrastructure."

To combat this, specialists are urging for:

A Permanent Control Tower: A consistent government body to coordinate national cybersecurity strategy.
Zero Trust Models: Moving away from perimeter defense to a "verify everything" architecture.
Cultural Shift: Treating security as a core business value and essential management infrastructure rather than an optional expense.
"If the government and private sector do not establish a consistent investment and industrial development strategy," Lee emphasized, "the very foundations of Korea's digital competitiveness will be shaken."