The death of a National Intelligence Service employee by apparent suicide on Saturday has raised more questions about the spy agency’s hacking activities.
The 20-year-veteran of cybersecurity at the NIS who was found dead from carbon monoxide poisoning in his car in Yongin, Gyeonggi Province, left three separate suicide notes, including one addressed to his employer, the NIS, which was made public on Sunday.
The man, identified only as Lim, was said to have been responsible for the spy agency’s purchase and operation of the Remote Control System hacking program from an Italian firm. The NIS’ use of the RCS program became a highly controversial issue when the 2012 purchase of the hacking program came to light last week. Allegations arose that the NIS had used the spyware to hack computers and cellphones of Korean citizens to illegally monitor their activities and that it was also used in relation to elections.
The NIS quickly acknowledged that it did indeed purchase RCS from Hacking Team, a Milan-based firm specializing in surveillance and intrusion technologies, insisting that it was used only in intelligence activities related to North Korea and antiterrorism efforts. In a highly unprecedented move, the NIS, on the day before Lim’s suicide, announced that it would open up the records of RCS program usage, which are classified material. A panel of National Assembly legislators was due to conduct an on-site investigation at the NIS this week.
Lim’s suicide note indicated that he had made the “mistake” of deleting information that “created misunderstandings about our counterterrorism and covert operations on North Korea.” He also insisted that RCS was never used on South Korean citizens or in relation to elections.
The ruling Saenuri Party appears to be trying to hold the opposition New Politics Alliance for Democracy and the media responsible for Lim’s death. A Saenuri lawmaker remarked that state employees should not be pressured by politics. However, this is not the time to assign blame for Lim’s regrettable death. His death, as tragic as it is both for his family and for the NIS, where he was a highly experienced cybersecurity veteran, should serve as an occasion to launch a thorough investigation into the whole RCS spying allegation.
Lim’s death raises even more questions concerning the whole RCS controversy. If there was no illegal spying on South Korean nationals and the operation of RCS had nothing to do with elections, why did Lim choose to kill himself? He could have, and should have, stated his innocence during investigations.
Another question that comes immediately to mind concerns the NIS organization. How is it that an employee could delete controversial files at a time when all eyes must have been on operations related to the RCS program?
Did the culture within the NIS drive Lim to his death? If he had deleted the concerned files on his own, as he states in his suicide note, it is possible that he was blamed at the NIS for what he said was his “mistake” and chose death as a way out.
The NIS said that the deleted records can be recovered “100 percent.” If this were the case, Lim, a cybersecurity expert, would have known it too. If he had known that his “mistake” ― deletion of records ― would not be irreversible, why did he erase them in the first place and why did he subsequently kill himself assuming responsibility for it?
The NIS claims that exposing its covert operations threatens national security. It should also realize, however, that the loss of people’s trust in the institution poses a great national security danger, too. The NIS should not allow Lim’s death to be used as a way out of its current troubles, but must allow a thorough investigation of the institution, which is repeatedly suspected of illegal activities. Only then will it gain people’s trust.