SEOUL, South Korea – An aide to South Korean President Yoon Suk Yeol was hacked, likely by North Korea, Seoul said Wednesday, in an embarrassing security failing.
Prior to Mr. Yoon’s trip to Europe last November, the email security of an aide — so far unnamed and unidentified — to the president was breached, according to local reports.
Experts fret that South Korea is vulnerable due to “human software” failings.
Also Wednesday, it was announced that the president, besieged by a variety of issues, was postponing a trip to Denmark and Germany.
One issue is a scandal surrounding the first lady, who allegedly accepted a pricey Dior handbag as a gift from a person seeking direct access to the president. Another is a brewing showdown between the nation’s doctors and the Yoon administration, which seeks to expand the number of medical school locations.
A government source familiar with foreign affairs told The Washington Times that the cancellation of the trip was not, however, related to the disclosure of the hack.
Another government official, however, confirmed Wednesday that the reports were essentially correct. Last year’s breach took place just prior to a state visit to Britain and France by the president in November.
“The cause was a staffer who used private emails in violation of security rules,” an official in the presidential office told The Times. “The presidential office security system was not hacked.”
“External hacking attacks are a regular occurrence and are under constant monitoring,” the official continued. As the reported hack “was detected prior to the visit, necessary measures” were taken.
The official made clear that vulnerabilities were human, not technical: “Security strengthening measures were taken to prevent a recurrence, including enhancement of security awareness,” the official said.
South Korea is one of the most wired, most wireless countries on earth. Physical infrastructure, such as public toilets and high-speed railways, is equally top-tier.
Yet, even this impressive structure can be undermined by human flaws. Two lethal tragedies in recent years illustrate the severity of the problem.
In 2014, the ferry Sewol sank and 304 people died — mostly school children. Post-disaster analyses pointed to a string of human errors.
Corrupt managerial practices enabled top-heavy structural redesigns and cargo overload of the ferry. Aboard, poor helmsmanship and woeful disaster protocols led to the high death count. Ashore, a hierarchical command-and-control structure prevented the use of all assets during the rescue effort.
In 2022, 159 died in a crowd-crush disaster on the Halloween weekend in Seoul’s nightlife district of Itaewon. In their post-mortem, government officials pointed to a bureaucratic vacuum. While Seoul maintains a capable and numerous riot police force, because Halloween was an unofficial festival, no organizing body existed to request crowd management.
Though today’s revelation entailed no apparent loss of life, security experts and Korea watchers were scathing.
“I’ve got to believe that they have phones that can be encrypted,” said Steve Tharp, a U.S. Army lieutenant colonel who is retired in Korea. “You even have unclassified-but-encrypted: When I was in the Army, I could access my personal emails from a secure phone.”
If the presidential aide had necessary technologies but chose not to use them, “It puts the country at risk,” Mr. Tharp fumed.
Mason Richey, who teaches international relations at Seoul’s Hankuk University of Foreign Studies, said some government officials are unable to access work emails while off-site, while others ignore burdensome security protocols in their communications.
“A lot of them use private emails for work purposes even when they are at work due to past dependence — you can’t just toggle back and forth between two email accounts,” he said. “It becomes a logistical headache and the easiest way to solve it is to use private emails.”
In a highly communal, always-online-always-connected culture, the practices may be self-reinforcing.
“You cultivate habits that are insecure because of the impediments in using emails in the official way,” Mr. Richey said.
Exacerbating these failures is the proven ability of the enemy to ferret its way into systemic cracks.
“[South] Korea is still behind the learning curve in terms of good, cultural practices of cyber hygiene,” Mr. Richey said. “North Korea is a capable enough malign cyber actor that they will break tough defenses unless they are extremely strong — and technically they are — but practices in workplaces are not robust.”
Though North Korea operates an internal Intranet for its citizens, who are firewalled from the wider internet, it deploys highly capable cyber operators, often based in third countries.
Their operations have ranged from assaulting Sony’s network to stealing funds from banks in Bangladesh to breaching Seoul’s cyber defenses.
Mirroring the comments of the presidential official, Mr. Richey said of those defenses: “Human software is the problem, not tech hardware.”
• Andrew Salmon can be reached at asalmon@washingtontimes.com.