Hacking originating from China is emerging as a core issue threatening national security, hitting major countries worldwide. The revelation that last year Donald Trump’s presidential campaign was targeted has raised concerns that South Korea is not free from such cyber threats.
◇ “Hacking for political, economic, and military chaos”
According to the security industry on the 30th, hacking from China is evolving beyond simple information theft to become a means of causing political, economic, and military chaos. This is because hacker organizations supported at the national level are using sophisticated technology and organization to launch concentrated attacks on critical infrastructure, government agencies, and communication networks.
According to a report from The Wall Street Journal (WSJ) on the 5th (local time), the Chinese hacker organization "Salt Typhoon" infiltrated at least eight telecommunications networks last year, targeting Donald Trump’s presidential campaign and Kamala Harris’ vice presidential campaign to steal currency data and metadata.
Earlier, on the 2nd of last month (local time), the U.S. Treasury Department was attacked by hackers believed to be linked to the Chinese government. The hackers infiltrated the Treasury's computer system, targeting the Office of Foreign Assets Control (OFAC), which is responsible for economic sanctions against China, and the Office of the Secretary of the Treasury. According to Bloomberg News, the hackers accessed over 40 files that were not marked as confidential on the computer of former Secretary Janet Yellen.
In this context, The Washington Post (WP) reported that "Chinese hackers appear to have had the intention of hindering the achievement of national security goals by preemptively understanding U.S. government sanctions policies."
A large-scale damage has also occurred in Japan. The Japanese National Police Agency announced on the 8th that a hacker organization called "Mirror Face," believed to be connected to the Chinese government, has carried out more than 210 cyber attacks targeting government agencies, including the Japan Aerospace Exploration Agency (JAXA), and private corporations over the past six years. They used emails containing malicious software to steal confidential information. JAXA suffered extensive information leaks due to these attacks in 2023.
The Philippines, embroiled in a territorial dispute over the South China Sea, is also suffering from hacking originating from China. According to the Philippines Department of Information and Communications Technology, military documents and sensitive data of the Philippines were continuously stolen last year.
Taiwan experienced an average of 2.4 million cyber attacks from China per day last year, double the number compared to the previous year. The National Security Bureau of Taiwan claimed that "most of the cyber attacks were carried out by China, aiming at Taiwan’s communication, traffic, and defense."
The Chinese government strongly denies these hacking and cyber attack allegations. Chinese Ministry of Foreign Affairs spokesperson Guo Jizhong stated on the 6th, "China opposes all forms of hacking, and the United States is spreading false information."
◇ “South Korea’s public systems also exposed as targets”
There are analyses suggesting that South Korea is not free from cyber threats originating from China. For example, according to data disclosed by Member of the National Assembly Lee Yong-woo of the Environment and Labor Committee, there were a total of 15,140 hacking attempts targeting the Korea Meteorological Administration from 2021 to September of last year, of which 30.9%, or 4,682 cases, originated from China. The analysis indicates that the Korea Meteorological Administration operates a forecasting system utilizing national infrastructure and advanced technology, making it a major hacking target.
Professor Yeom Heung-yeol of Soonchunhyang University’s Department of Information Security noted, "Hacking from China appears to have national-level purposes, going beyond simple information theft to include network attacks related to security. Given that our country is leading the world in advanced technology fields like semiconductors and autonomous vehicles, we cannot rule out the possibility of attempts to steal related technologies."
He added, "There is a significant possibility that public networks or systems related to diplomacy may become targets for attacks to gauge the situation on the Korean Peninsula."
Ordinary citizens are also suffering from hacking originating from China. It is pointed out that over 80% of IP cameras widely used in closed-circuit television (CCTV) in the country are made in China and are exposed to hacking risks. This is because Chinese IP cameras may contain backdoors (hidden pathways to access the system illegally) that are intentionally installed during the manufacturing process. Through these, hackers can bypass security systems and access devices and networks.
In fact, it was revealed that several hundred videos of individuals’ body exposure in various settings, such as delivery rooms of obstetricians in Korea, swimming pools, and waxing shops, were posted on a Chinese pornographic website last September. There have been hundreds of errors reported in the monitoring CCTV systems installed in over 260 locations across the country, including the metropolitan area's riverside and coast, and ports in Gangwon Province, as part of the high-performance surveillance equipment project in the defense sector in 2020.
Lim Jong-in, Cyber Special Adviser to the President (Honorary Professor at Korea University’s Graduate School of Information Security), stated, "South Korea is the strongest military ally of the United States and also a strong competitive nation to China in industry, which gives China the motive and capability to continuously hack South Korea across military, diplomatic, security, and economic fronts." He added, "Last year, when the Jeju Satellite Operations Center and the Court Administration Agency were hacked by North Korea, there was a significant delay in detection. Therefore, it is natural that we did not immediately detect attacks from China, which has superior hacking abilities to North Korea."