South Korea is home to one of the world’s most robust digital infrastructures, largely as a result of a government-led development model that has favored domestic technologies. But while South Korea’s approach has led to many benefits, it has also introduced unique security vulnerabilities, according to a research report recently published by the Center for Long-Term Cybersecurity (CLTC).
Authored by Nick Merrill, Program Director of CLTC’s CLTC’s Daylight Security Research Lab, the report, “The South Korean Digital Paradox: How South Korea’s Internet Development Model Creates Unique Cybersecurity Vulnerabilities,” uses scenario analysis to explore the security implications of South Korea’s distinctive model.
On April 16, CLTC hosted a webinar focused on Merrill’s paper, and on broader questions about South Korea’s particular security concerns. The panel featured Merrill in conversation with two scholars from the Sam Nunn School of International Affairs at Georgia Institute of Technology: Sanghyun Han, a Ph.D. student in International Affairs, Science, and Technology, and Jenny Jun, an Assistant Professor in the Sam Nunn School of International Affairs. The panelists discussed the paper’s findings — and the relevance for South Korean and international policymaking.
Using Scenarios to Uncover Insights
In his remarks, Merrill explained that the project on South Korea evolved out of his research for the Internet Atlas Project, an initiative focused on mapping and measuring the complex relationship between the internet and global, geopolitical dynamics. “The internet is a global communications network, but it’s also an extremely important strategic infrastructure that helps states, as well as corporations and individuals achieve their goals,” Merrill said. “Occasionally these goals don’t always align, and people will use the internet as a domain of conflict but also a domain of cooperation. The Internet Atlas Project tries to untangle all of these different threads as best we can to understand broadly how power works on the internet through internet infrastructure.”
Merrill explained that he was inspired to study the distinctive geopolitical context of South Korea after researching vulnerabilities specific to Taiwan. “South Korea and Taiwan share a lot of history,” he said. “State formation happened around the same time for both of them.., and both have pursued high-tech development strategies to great success.”
WIth funding from the Korea Foundation, Merrill undertook research on the history of South Korea’s digital infrastructure, and interviewed “all of the Korean Peninsula experts we could find who were willing to talk to us,” Merrill said. “We did a great number of interviews and found all of the literature that we could possibly find on this topic. And on the other side, what we came up with were a couple of scenarios, which really serve as the backbone of this report.”
The scenarios depict hypothetical future cyberattacks that could affect South Korea specifically. One imagines a cyberattack in October 2026 that takes advantage of the KakaoTalk platform, which is privately owned but has become a de facto communications tool in South Korea because it is frequently used by the government to share alerts and other information. In the incident, the attackers sow chaos by manipulating data related to banking, transportation, and other systems. The second scenario depicts an incident in which a sophisticated operation targets Naver, South Korea’s primary information gateway, which is used by 28 million users daily. In the scenario, the attackers manipulate Naver’s AI Recommender System (AiRS) to promote the spread of misinformation.
The scenarios integrated a range of factors specific to the Korean context, including the high degree of nationalism and political polarization among South Koreans, and the fact that citizens may have developed complacency about threats as a result of their past experience with North Korean missile tests. “What we intended to do with these scenarios is create situations that you would never see in any other country,” Merrill said. “A lot of countries could get their submarine cables cut, but there are a few things that could only happen in South Korea.”
Through the research, Merrill concluded that South Korea faces a “digital paradox,” as its focus on homegrown technologies has led to opportunities and risks. “On the one hand, you get the state promoting these domestic champions [like KakaoTalk and Naver]…. On the other hand, this success paradoxically creates a unique vulnerability. What do we do about that? How do we amplify the upside of these policies, and limit the downside risk that comes along with them?”
Homegrown Challenges — and Solutions
In their remarks, Jenny Jun and Sanghyun Han praised Merrill’s paper as an original contribution to the broader conversation about South Korea. “Much of the discourse around cybersecurity and the Korean Peninsula just focuses on the North Korean threat, but this looks at the vulnerability side of things, which is a great addition to the literature,” Jun said.
Jun noted that South Koreans frequently blame foreign countries for issues that are actually caused by domestic factors. “A lot of misinformation in South Korea is actually homegrown,” Jun said, but blaming others “allows some folks to bury their heads in the sand and pretend as if there aren’t domestic sources contributing to the same issue… This is not to say that South Korea shouldn’t worry about foreign sources of misinformation, but there is a tendency, at least in the political discourse, to overweight the foreign inbound misinformation, as opposed to the domestic dynamics under which misinformation is produced and consumed and amplified.”
National security issues are highly partisan in Korea, Jun said, “especially in how they view the North Korean threat.” She noted that “South Korea’s national cybersecurity strategy suffers from this [polarization]…. When you have one administration that is more progressive, they tend to have a more favorable view towards North Korea. Therefore, they want to downplay the cyber threat coming from North Korea. And this affects how they approach strategy in the cyber domain. When a more conservative government comes in, they’re usually more hawkish on the North Korean threat, and that will trickle down to the cyber domain as well.”
While North Korea often receives all the attention, it is not the only cyber threat South Korea faces, Jun said. “There are other state and non-state strategic actors that it has to worry about,” she said. There are criminal actors. There are justice system failures…. There could be benefits in… more practical approaches, as opposed to politicized approaches.”
Han agreed that South Korea’s highly divided political environment can be detrimental to its security. He pointed to a recent public opinion poll showing that South Korea has high levels of political polarization. “Democrats are more supportive of cooperation towards North Korea, towards the so-called ‘Sunshine Policy,’ whereas Republicans are more hawkish and hostile” toward North Korea, Han said.
Han said that there should be a focus on building public awareness and promoting transparency to show how institutions are addressing cyber threats. “Public awareness of what institutions are actually doing backstage order to mitigate these cyber incidents… really helps the public understand what they are doing.”
Jun agreed with the paper’s assessment that Kakao is a conglomerate that is used for a range of services, and thus could be vulnerable to attack. “Kakao sits in so many different industries, therefore, if one thing fails, there are cascading risks.”
South Korea’s cybersecurity strategy needs to have “better coordination and delineation of responsibilities between agencies,” Jun said. “Future crises are going to straddle responsibilities that lie across multiple agencies at once, and there needs to be a seamless system for how to harmonize responses among all of these different agencies.”
Watch the video of the full webinar above or on YouTube.
The South Korean Digital Paradox: How South Korea’s Internet Development Model Creates Unique Cybersecurity Vulnerabilities
