► Today, the virtual cyber space has become critical for statecraft and has come to dictate the livelihood and daily lives of modern citizens.

► IoT and AI, along with quantum computing, could bring about a hyper-connected society faced with cyber threats beyond our imagination.

► What’s worse is that the cyber security environment around South Korea is more unstable than anywhere else. Mainly, South Korea is surrounded by North Korea, China, and Russia—the three countries with leading offensive cyber capabilities in the world.

► For the foreseeable future, South Korea’s strategy and policy involving cyber security must be carried out in a way that may be perceived as excessive and aggressive.

KakaoTalk’s recent service outage in South Korea, which occurred on October 15, reminded us of the importance and seriousness of cyber security. Today, the virtual cyber space has become critical for statecraft and has come to dictate the livelihood and daily lives of modern citizens. Cyber security in South Korea is important for other reasons as well. Most notably, the latent cyber threat from North Korea is almost as serious as its nuclear threat. For a country like North Korea, cyber security is a “low cost, high efficiency” offensive capability that can—similar to nuclear weapons—decapitate the South Korean society. North Korea’s effort to hack the Korea Joint Command & Control System (KJCCS) in April of this year fully reflects this growing threat. For South Korea, the North has become a source of nuclear threat as well as asymmetric threat in the form of cyber attacks.

If we take a birds-eye view, cyber threats against South Korea may come from the international community. Prior to its military offensive, Russia utilized the cyber space to debilitate surveillance and reconnaissance assets. In response, the United States publicly announced that it is taking offensive cyber operations against Russia. We now live in an era where cyber space is being used for military purposes. As a result, the battlefield of war is being extended beyond land, air, and sea and into cyber space. These shifts are challenging the nature of modern military warfare. For example, the international community is discussing whether cyber attacks taken place prior to a traditional military incursion should be considered—under international law—as an act of war. This discussion is still ongoing but if cyber attacks are considered an act of war, they may seriously impact the security environment on and around the Korean Peninsula. North Korea’s cyber attacks could be interpreted as an act of war against the South, which implies that the United States could get involved militarily due to the ROK-US Mutual Defense Treaty. We could become witnesses to another war on the Korean Peninsula.

As virtual cyber space transforms itself into a critical domain for guaranteeing the safety and security of a nation and its people as well as implementing military strategy, it has led to new types of security threats. Unfortunately, this is only the beginning. The development of digital and cyber technologies is at a nascent stage. IoT and AI, along with quantum computing, could bring about a hyper-connected society faced with cyber threats beyond our imagination. If our digital and cyber capacities continue to grow but this space becomes hijacked by an external force, it could lead to the destruction of data related to government statecraft as well as the weaponization of unmanned vehicles and urban air mobility (UAM)—which will undoubtedly lead to extreme chaos. The development of cyber technology may turn out to be a disaster rather than a blessing. What’s worse is that the cyber security environment around South Korea is more unstable than anywhere else. Mainly, South Korea is surrounded by North Korea, China, and Russia—the three countries with leading offensive cyber capabilities in the world.

Then, how should the South Korean government respond? One way is for South Korea to take a two-track approach that systematically approaches cyber threats from both a national strategy perspective and a working-level perspective. From the national security perspective, the most important component of any national security strategy is its political will, which must be accompanied by capacity, strategy, and institutions. If we examine cyber security from these four components of national security strategy, South Korea is faced with both pros and cons. First and foremost, South Korea seems to possess great political will to deal with cyber threats. Even prior to its inauguration, the Yoon Suk Yeol administration stressed the importance of cyber security. National capacity also seems adequate, especially given South Korea’s status as a leading digital country. The problems lie in its strategy and institutions. Its rather abstract cyber security strategy has failed to differentiate itself from past strategies. Institutionally, there are rooms for improvements. Therefore, South Korea must meticulously review the four strategic components mentioned above, identify areas of improvement, and carry out those improvements. Cyber governance is especially worrisome given South Korea’s inherent egoism embedded in its government institutions. We must design our cyber governance to either resemble the United States’ “spread and mange approach,” the United Kingdom’s “military-information-public-government integrated approach,” or simply start from scratch. In this vein, South Korea must re-organize its legislations and institutions.

From a working-level perspective, South Korea has to devise step-by-step blueprints in terms of prevention/response/follow-up in order to prevent loopholes between its national strategy and working-level responses. In terms of prevention of foreign cyber attacks, it must carefully re-configure cyber security of its national, public, and military network systems. In terms of response, it must enhance its ability to detect actual cyber threats, and respond quickly to prevent or track the attacker in order to minimize damage. In terms of follow-up, it has to implement an “immediate restoration” mechanism so that digital targets can be restarted as soon as the attack takes place.

Concurrently, the importance of international cooperation cannot be overstated, especially given that cyber space extends beyond national borders. Improving cyber information-sharing and joint military exercises between South Korea and the United States, and establishing an international coalition consisting of victims of North Korean cyber attacks (estimated to be around 70 countries) could provide South Korea with a joint response mechanism. In order to improve international solidarity, gaining membership into the Convention of Cybercrime goes without saying. Moreover, we have to remind ourselves that any national strategy without the backing of the public cannot last. It is difficult to find a country where cyber space is so deeply ingrained in the daily lives of its people than South Korea. As such, we must guarantee the continued use of cyber space by South Koreans. To do so, we must develop a policy where cyber threats can be detected and thwarted in real-time via an AI-based response system.

For the foreseeable future, South Korea’s strategy and policy involving cyber security must be carried out in a way that may be perceived as excessive and aggressive. This is because, given the pace at which cyber technologies are advancing, the seriousness and dangers posed by cyber threats have only begun to take shape.