澳门六合彩

South Korea is sounding the alarm on North Korean cybersecurity threats. In line with his聽 (GPS) agenda, President Yoon Suk-yeol seeks international partners to tackle rising incidences of cybercrime, data theft, and misinformation campaigns coming from its neighbor to the north.聽

South Korea鈥檚聽 put cybersecurity issues front and center, with Ambassador Hwang Joon-kook emphasizing that 鈥淢alicious cyberactivities, including cyberattacks on key infrastructure and thefts of civilian data and virtual assets, have a transnational nature.鈥� The high-level discussions on cybersecurity in June energized the policy debate globally, opening an opportune window to follow up on these talks with new policy initiatives.聽

One of the Republic of Korea鈥檚 strongest partners in cybersecurity is the United States, with President Yoon and President Biden reaffirming the necessity of expanding the US-ROK alliance to cyberspace聽

One of the Republic of Korea鈥檚 strongest partners in cybersecurity is the United States, with President Yoon and President Biden reaffirming the necessity of expanding the US-ROK alliance to cyberspace and聽 during their 2023 bilateral summit. Despite mutual agreement on both sides for closer cybersecurity cooperation and multilateral efforts to strengthen cyber ties, much work remains to be done to not only 1) recognize the existing institutional and strategic challenges to coordinating cybersecurity policy ahead of time but also 2) to implement the necessary steps towards delivering actionable and tangible results.

North Korean Cyber Operations

Over the past ten聽years, North Korea鈥檚 hacking operations have steadily increased as cybercrime becomes one of the regime鈥檚 main sources of international funding. According to a聽, North Korea may be responsible for up to 58 cyberattacks on cryptocurrency companies between 2017 and 2023, totaling $3 billion in stolen currency. Such cyber activities generate approximately 50% of North Korea鈥檚 foreign currency income and could fund up to 40% of the DPRK鈥檚 weapons of mass destruction programs. Known hacker groups operating out of the DPRK such as the have launched steady attacks against digital infrastructure across South Korea, targeting satellite launch facilities, court systems, and senior-level Korean defense contractors.

The United States has also suffered security breaches at the hands of complicated North Korean cyber operations, from North Korean agents聽 in Fortune 500 companies to sustained ransomware campaigns against American hospitals and think tanks. Both South Korea and the United States have a vested interest in deterring and countering these cyber operations to protect infrastructure and information vital to their national security and slow down the North Korean nuclear weapons program.

...the United States and South Korea are taking steps to learn from one another鈥檚 national cybersecurity strategies and integrate defensive measures through bilateral and multilateral initiatives.

Given these constant North Korean provocations, the United States and South Korea are taking steps to learn from one another鈥檚 national cybersecurity strategies and integrate defensive measures through bilateral and multilateral initiatives. The South Korean military regularly joins US-led cyber defense exercises, and most recently integrated US-ROK collaboration into the trilateral partnership with Japan during the聽 naval exercises. Moreover, the Korean National Intelligence Service partners with the Federal Bureau of Investigation and the US Intelligence Community to raise public awareness of cyber threats through initiatives such as the聽 social media campaign. Yoon Suk-yeol's updated聽 focuses Korea鈥檚 cybersecurity strategy on preemptive and offensive cyber operations to root out North Korean threats prior to cyberattacks.

This puts South Korean strategy in alignment with the US offensive cybersecurity doctrine and its聽 model, opening the door for closer intelligence sharing between the allies as early intelligence is vital for successfully preempting cyberattacks. These developments in defense cooperation are promising, but in a dynamic digital landscape with a diverse range of stakeholders the two nations should seek other avenues of cyber-coordination beyond the military and intelligence agencies. Examples of such innovations in cybersecurity partnerships are apparent in the US response to another cyber threat.

Lessons from Cybersecurity Cooperation in Ukraine

Interestingly, recent lessons from the United States and allies鈥� efforts to聽bolster Ukraine鈥檚 cyber defense capabilities in the face of Russian digital warfare may serve as strong examples for future US-ROK joint cybersecurity initiatives vis-a-vis North Korea. In order to swiftly bolster Ukraine鈥檚 cybersecurity infrastructure, direct institution-to-institution cooperation and capacity-building was key. While US institutions such as the Department of Energy and Treasury Department easily worked with their Ukrainian counterparts on improving defense and information sharing, the bureaucratic relationship between US and Ukrainian defense organizations prevented smooth cooperation in other areas. The Ukrainian National Guard, for instance, could not cooperate with the US military as it was considered a peace force, a legal obstacle only overcome when the National Guard was subordinated to the Armed Forces through a martial law decree.聽

Despite these bureaucratic clashes, the US did achieve success in Ukraine on the public-private cooperative front. Another insight from US efforts to cooperate with Ukraine was the importance of private-public support in bolstering cybersecurity research and capacity building, with American firms coming together to create the Cyber Defense Assistance Collaborative to coordinate their cybersecurity assistance and resource provision to the Ukrainian government. This example shows that creating an environment in which private firms are incentivized to support government cybersecurity projects is a productive avenue for new attempts at international cybersecurity cooperation.

Policy Recommendations

Given the lessons from Ukraine and the present willingness and opportunity to expand cybersecurity policy coordination, The United States and South Korea may consider pursuing two courses of action:

1. Standardizing Operational Organization

Both the United States and South Korea have robust cybersecurity governance structures, with law enforcement, monitoring, and regulatory functions dispersed among government agencies and the armed forces. However, South Korean cybersecurity policy sometimes lacks institutionalization in the face of new threats, with the National Intelligence Service (NIS) pulling together ad-hoc interagency emergency committees and 鈥渃onsultative bodies鈥� in reaction to incidents such as a recent聽.

South Korean lawmakers are currently discussing聽 to grant the NIS proactive power to investigate cybersecurity breaches of other agencies and inspect their compliance with cybersecurity regulations鈥攁 sign that the ROK government recognizes the need to further institutionalize cybersecurity practices and define key roles for NIS and other agencies鈥� response during cyberattacks. This approach could face opposition due to public mistrust of the NIS on account of its聽 and human rights violations. However, an alternate cybersecurity governance structures could be explored to address public concerns. Regardless of what structural reforms are pursued, clearer operationalization of cybersecurity governance will serve to smooth potential bumps in direct institution-to-institution collaboration and capacity-building between the relevant Korean and American government agencies.

2. Increasing Public-Private Cooperation

The close relationship between the government and private sector in South Korea comes with its own benefits and challenges for strengthening cybersecurity cooperation with the United States. There are around 531 cybersecurity companies operating in South Korea, and a聽highlights how the South Korean Ministry of Science and ICT has allocated over $612 million to strengthen R&D efforts and cybersecurity competitiveness through projects with academia and private firms. In the context of such efforts, the United States has an opportunity to assist South Korea鈥檚 public-private partnership projects through expanding the聽 fund, which has only received a small $50 million in appropriations for dispersal to any allied nation applying for assistance.聽

The can also serve as an additional avenue to bring together private firms in both nations to share best cybersecurity practices and plan new investments structures in cybersecurity initiatives and research. Trans-Pacific private-public discussions will also have to overcome differences in digital transparency regulations, as current聽 is more restrictive of how researchers and firms can share data when it comes to designated 鈥渘ational core technologies.鈥� Working-level discussions could address how the allies can allow firms to share and safeguard data in these sensitive industries to strike a fair balance between competition, cooperation, and national security in public-private cybersecurity partnerships.

Cybersecurity cooperation between the United States and South Korea is one of several promising new policy areas that the Biden and Yoon administrations incorporated into the alliance relationship in recent years. It is an area benefiting from deep institutionalization through working-level dialogues and joint defense exercises. In this context, policy discussions to pursue operational standardization and public-private partnerships are likely to bear fruit and encourage a deepening of the US-ROK relationship in other policy realms.

The views expressed are the author's alone, and do not represent the views of the U.S. Government or 澳门六合彩. Copyright 2024, Indo-Pacific Program. All rights reserved.

Follow the Indo-Pacific Program on Twitter or .

Follow the Korea Center on Twitter @Korea_Center or on Instagram at .