While the world has recently been hit hard by a series of cyberattacks that have disrupted government agencies and big businesses, Korea seems relatively safe with no reports of any serious intrusions.

Local security experts, however, said more malicious cyberattacks will be coming and Korea is susceptible to them due to its tense relations with North Korea and its advanced information technology infrastructure, both of which can be good bait for cybercriminals.

Last week, Petya, a new type of Ransomware -- a malicious code that encrypts files and demands ransom -- unsettled the world by paralyzing more than 2,000 computers. Airports, banks, subways and power plants were attacked in Ukraine. Global firms, Maersk, WPP and Saint Gobain, were thrown into chaos.

The attack came just one month after WannaCry, another ransomware, locked up more than 200,000 computers worldwide. 

“Korea was able to be prepared because the cyberattacks came relatively late here. However, we can’t say this is over and more malicious cyberattacks will be coming,” said a source from a local internet security firm on the condition of anonymity.

He said the firm has seen many attempted cyberattacks, which are assumed to come from North Korea and China, either to cause social chaos or take information or money.

Professor Lim Jong-in of Korea University’s department of cyber defense, said “Korea needs to take extra care on data protection of small medical and financial institutions. It would cause major chaos to the low- and middle-income groups if North Korea, one of the strongest hacking nations, hacks them.”

North Korea was blamed for paralyzing websites of major broadcasting firms and banks in 2013 and hacking Korea Hydro & Nuclear Power in 2014. It is reportedly behind the latest WannaCry attack, according to the US and UK intelligence sources.

Apart from the regional issue, South Korea’s advanced information technology infrastructure and high internet penetration rate make it a target, experts said.

“As cyberattacks are shifting from simply stealing private information into Ransomware demanding money, Korea can be good bait for the cybercriminals due to its advanced IT infrastructure,” said Lee Dong-geun, head of state-run Korea Internet & Security Agency’s Internet incidents analysis division.

A month ago, local web hosting firm Nayana was attacked by hackers, which paralyzed its 150 servers -- which also affected its 3,400 client websites. The firm reluctantly paid around $1.1 million in bitcoins -- which is the largest ransom paid in Korea -- to the hackers for the restoration of its servers damaged by ransomware.

Also, two weeks ago, seven local banks, two securities firms and the Korea Exchange received emails from another hacker group called Armada Collective, demanding 10 to 15 bitcoins (amounting to $26,200 to $43,600) to advert a cyberattack.

“As cyberattacks are becoming more advanced, malicious and lucrative, companies need to pay extra attention to information protection by backing up their data, updating security patches and upgrading Windows to prevent the attacks,” said Park Yong-kyu, head of Korea Internet & Security Agency’s Internet incident analysis team.

By Shin Ji-hye (shinjh@heraldcorp.com)