As cyberattacks increasingly threaten national infrastructure and corporate management, South Korea’s response remains largely reactive, according to experts. The rise of artificial intelligence (AI) and cloud technology has exacerbated vulnerabilities, yet the nation’s security investments and policy responses have not evolved at the same pace, leading to concerns over the effectiveness of the country’s cybersecurity measures.
Analysts emphasize that the South Korean government has not established a dedicated policy control tower to enhance cybersecurity competitiveness. This lack of strategic oversight, combined with insufficient private sector investment, is eroding the overall strength of the domestic security industry ecosystem. Statistics corroborate this assessment, revealing that South Korea’s cybersecurity investments and response systems are lagging behind the sophistication of emerging threats.
The “2025 Cyber Threat Trends and 2026 Outlook” report, published by the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA), highlighted a significant increase in reported cyber incidents. Last year, a total of 2,383 cases were documented in the private sector, marking a 26.3% rise from 1,887 incidents the previous year and the highest figure since record-keeping began. The escalation was especially pronounced in the latter half of the year, with reports climbing from 1,034 in the first half to 1,349 in the second half, demonstrating a 37% year-on-year increase.
The nature of cyberattacks has also evolved, with Distributed Denial of Service (DDoS) attacks doubling to 588 instances and ransomware attacks rising by over 40% to 274 cases. Notably, server hacking accounted for 44.2% of all reported incidents, underscoring a substantial vulnerability within the nation’s cyber defenses.
As attacks increasingly target critical infrastructure sectors, including telecommunications, distribution, and finance, the potential ripple effects on consumer safety are growing. Beyond mere system breaches, more complex attacks involving information theft, disruptions to authentication systems, and customer data leaks are becoming commonplace. The rise of secondary phishing and smishing attacks that exploit previous data breaches only underscores the urgency of addressing these vulnerabilities.
Security experts warn that the current corporate security infrastructure is operating under peacetime standards, even as the threat landscape has entered a wartime phase characterized by new challenges such as AI-driven attacks, supply chain infiltrations, and cloud-native threats. Calls for a fundamental shift in how organizations perceive and manage cybersecurity are increasing, with recommendations for adopting a “Zero Trust” model that treats all access as untrusted, regardless of origin.
Despite the escalating threats, investments in cybersecurity by South Korean firms remain alarmingly low. KISA’s information protection disclosure statistics reveal that only 773 companies met disclosure obligations last year, which accounted for a mere 6.3% of total information protection investments compared to overall IT spending. This figure is stagnant, hovering around the early 6% range for several years, while U.S. companies allocate roughly 13-14% of their IT budgets to security. In terms of sales, major domestic firms invested just KRW 2.24 trillion in information protection in 2024, equating to only 0.13% of total sales—a slight increase from 0.10% in 2022 but still far below adequate levels.
The telecommunications sector, which operates essential communication networks, also lags in security investments, with SK Telecom allocating only 4.1% of its IT spending to security, followed by KT at 6.4% and LG U+ at 7.4%. While some companies have increased spending in response to security incidents, the overall investment remains insufficient, focusing primarily on creating a minimal defense rather than a robust security posture.
This stagnation in security investment is constraining the development of a competitive industrial ecosystem. An official from the Korea Information Protection Industry Association (KISIA) noted that domestic security firms struggle to scale and compete globally due to market structure issues and limited funding. While physical security sectors, such as CCTV, maintain stable export trends, the global market share for information security software remains limited.
The talent shortage in cybersecurity poses another significant challenge. Security professionals often receive lower compensation compared to their peers in general IT or AI, leading to high turnover rates as skilled workers migrate to global companies or overseas markets. This trend threatens to entrench vulnerabilities within domestic organizations.
Experts argue that the root of South Korea’s cybersecurity issues lies not in technical deficiencies but in structural and perceptual challenges. Lee Won-tae, a special professor of information protection and AI policy at Kookmin University, stated, “The hacking threat is advancing to the highest level in the world, but investments and organizations remain at the normal level.” He cautioned that if current trends continue, critical communication infrastructure could be the first to falter.
To address these pressing concerns, experts advocate for the establishment of a dedicated body to coordinate cybersecurity efforts and to reframe security investment as a core management priority rather than merely a cost. Without a consistent budget and strategic support from the government, South Korea’s digital competitiveness risks being undermined at its foundation.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
