The Korea Herald


South Korean elections vulnerable to North Korean hacking threats: spy agency

By Kim Arin

Published : Oct. 10, 2023 - 15:20

    • Link copied

National Intelligence Service deputy director Bae Jong-wook speaks to reporters during a press briefing on Tuesday. (NIS) National Intelligence Service deputy director Bae Jong-wook speaks to reporters during a press briefing on Tuesday. (NIS)

South Korea’s election systems may be vulnerable to foreign hacking threats and are in need of fortification ahead of next year's general election, the National Intelligence Service said Tuesday.

In a rare press briefing, the NIS shared the results of a cybersecurity screening that showed the election watchdog had been targeted by both attempted and successful attacks from North Korea and that it had remained unaware of the exposure.

The NIS cybersecurity experts said that the election service’s systems for tallying votes and storing voting information were unable to fend off mock cyberattacks. The mock test found that vote counts could be manipulated and the results could be changed. Voters who already voted could be marked as not having voted, allowing them to vote more than once during the same election.

It remains unclear whether past elections have been affected by cyber incidents, Bae Jong-wook, the NIS deputy director, told reporters. “Our security screening revealed that the vulnerabilities exist, but whether such vulnerabilities had actually been exploited by outside hackers is a different story,” he said.

He explained that over the 12-week screening, the NIS was unable to determine whether the election service systems had been accessed by hackers to sway the results of past elections. The tools used in previous elections have been replaced, and the log files of past activities erased, he said.

The NIS found that the election service failed to abide by security best practices and made basic blunders such as letting unverified contractors have access to internal systems and leaving passwords unchanged on devices. The account of a senior-level official at the service had been breached at least twice by North Korean hackers.

Before agreeing to the NIS-led screening this time, the service overseeing and organizing elections nationwide refused third-party cybersecurity checks citing political independence, despite being alerted of attacks by North Korean hackers.

In May, a report obtained by the National Assembly revealed that the election service had been infiltrated by North Korea’s foreign intelligence agency, the Reconnaissance General Bureau, over the last two years. The election service initially denied having been notified of North Korean attacks, and then later to acceded to receive screening services following public criticism.

In a statement issued the same day, the election service downplayed the security concerns raised by the NIS.

The service said that “the possibility of infiltration does not mean election results being manipulated.” Hackers meddling in elections is a “practically impossible scenario,” it said, dismissing the intelligence agency’s findings. The NIS announcement suggesting foreign actors could potentially influence elections “sowed distrust in the country’s election systems” and “threatened the very basis of democracy.”

The ruling People Power Party says the election service would have to take accountability for denying the possibility of North Korean meddling in the country’s election processes, and for refusing to have its security risks checked.

One lawmaker on the ruling party leadership last week told The Korea Herald under the condition of anonymity that the latest revelations were “serious enough to warrant calls for the resignation of the election service’s chief.”