South Korean military hit by 9,200 cyber attacks in first half of 2025, up 45% from 2024

SEOUL – South Korea’s military said it repelled more than 9,200 hacking attempts in the first six months of the year, up about 45 per cent from the same period a year earlier, with most believed to be from North Korea.

A total of 9,262 cyber attacks targeted the South Korean military in 2025 from January to June, according to data provided to The Korea Herald Sunday by the office of Representative Yu Yong-weon of the main opposition People Power Party.

Specifically, 9,193 attempts were made to breach the military’s official homepages, while the remaining 69 were cyber intrusion attempts through e-mail hacking.

No malicious code attacks were detected during the period, according to the data.

The South Korean military said “all cyber attacks were blocked and that no damage was inflicted”, Mr Yu’s office explained.

The total number of attempted breaches – including homepage intrusions, malicious code and e-mail hacking – was tallied at 6,146 in the first half of 2021, 4,943 in 2022, 6,805 in 2023 and 6,401 in 2024.

The 2025 cyber attacks targeting the South Korean military surged, up 44.7 per cent compared with the corresponding period in 2024.

South Korea’s Cyber Operations Command informed Mr Yu’s office that many of the attacks were attributed to North Korea.

“We cannot precisely identify the actors behind the cyber intrusion attempts, but it is presumed that the majority were conducted by North Korea in the light of correlations between the countries where the routing IP addresses are located, and the IPs used for intrusion attempts,” the command said without further details.

“The military is maintaining a firm cyber readiness posture by advancing its response system,” it added.

Mr Yu underscored that the “fact that cyber intrusions targeting our military’s internet network marked an all-time high is actually a grave warning sign”.

“Only one intrusion of the military network can cause fatal damage to the command-and-control system as well as critical information assets,” he added.

“Therefore, the military authorities should raise awareness through maintenance of the security and control system, regular exercises simulating cyber intrusions and strengthening security education for military officers, and should come up with effective countermeasures.”

Mr Yu called for the government to actively revise the law, including the establishment of a control tower for cyber security under the direct supervision of President Lee Jae Myung, to respond to advanced and sophisticated cyber threats at the pan-government level.

Though fewer in number, attacks against military-adjacent companies have risen as well. The number of cyber attacks on defence industry companies reported to the military surged in 2024, according to data provided by Mr Yu’s office.

The reported cases of cyber attacks were five in 2021, two in 2022, four in 2023 and 16 in 2024.

But Mr Yu’s office noted there are limitations in identifying the total number of cyber-breach attempts on defence contractors, since they manage their systems independently under South Korea’s Defence Technology Security Act.

Article 13 of the act stipulates that the head of a targeted institution “shall establish and operate a defence technology security system in order to protect defence technology”. THE KOREA HERALD/ ASIA NEWS NETWORK