WEDNESDAY, JULY 15, 2026|No. 7271
Technology · Cybersecurity

Cyberattacks on South Korean military hit five-year high, report shows

South Korea’s military faced over 18,000 cyberattack attempts in 2025, a five-year high, while struggling to retain cybersecurity specialists due to private sector competition.

South Korea's military cyber defenses face challenges amid rising attacks and talent retention issues.
South Korea's military cyber defenses face challenges amid rising attacks and talent retention issues.
1 sources
Pipeline ingest
3 reads
Positive / Neutral / Negative
1 countries
Related coverage

South Korea’s military faced more than 18,000 cyberattack attempts last year, a five-year high, while struggling to retain specialists trained to defend against such threats, according to a report released by a lawmaker’s office on Sunday.

The report, based on Defense Ministry data submitted to Rep. Yu Yong-weon of the main opposition People Power Party, showed 18,951 cyberattack attempts against the military in 2025, up 31 percent from around 14,400 a year earlier. The figure had fallen to around 9,100 in 2022 from 11,700 in 2021, before rising for three straight years.

The figures come amid growing concern over North Korea’s cyber capabilities. Kim Jong-un underscored the role of the Reconnaissance General Bureau, the regime’s key intelligence agency believed to oversee cyberwarfare and other operations, during a July 9 visit to its headquarters.

By type, attempted intrusions into military websites accounted for nearly all reported cases last year, with 18,792 incidents. Hacking emails, which typically impersonate trusted senders or use misleading subject lines to lure recipients into opening malicious attachments, also rose steadily, from 16 cases in 2023 to 96 in 2024 and 127 in 2025.

South Korean military intelligence authorities estimate that North Korea operates around 8,400 hackers, largely under the General Staff Department’s Reconnaissance General Bureau.

According to Yu’s office, the North Korean hackers are believed to route attacks through third countries to avoid detection while carrying out activities such as phishing, hacking email campaigns and cryptocurrency theft.

Yet South Korea is struggling to secure its own cyber defense talent.

The military operates a cyber officer program designed to train specialists capable of responding to increasingly sophisticated cyberthreats. After graduation and commissioning, officers are assigned to military units specializing in cybersecurity and digital forensics. But many officers trained under the program have left the service after completing their mandatory duty.

Of 104 cyber officers commissioned between 2016 and 2019, 89, or about 85 percent, left the military after completing their seven-year mandatory service, according to the ministry data submitted to Yu.

The military is also having trouble bringing new specialists into uniform.

The commissioning rate for cyber officers stood at about 96 percent in 2016, with 27 of 28 graduates commissioned, and about 92 percent in 2017, with 26 of 28 graduates commissioned. But in 2025, only seven of 24 graduates were commissioned, the data showed.

A military official attributed the decline to higher pay and better working conditions in the private sector, where demand for AI and cybersecurity experts has surged in recent years.

“Talented graduates are increasingly giving up military commissions and choosing private companies or research institutes instead,” the official said on condition of anonymity.

Yu also called for steps to improve conditions for military cyber personnel and stem the outflow.

“Cybersecurity is a highly specialized field where experts cannot be trained overnight. It requires experience and expertise accumulated over a long period of time,” Yu said.

“At a time when North Korea is advancing its cyberattack capabilities by using even AI, we can no longer leave in place a structure in which most cyber specialists leave the military after completing only their mandatory service.”

PAN's pipeline reviewed approximately 1 open sources for this article. No human editor reviewed this article before publication.

Related Reads

Show on timeline →