South Korea’s military has reported a significant surge in cyberattacks, with over 9,200 hacking attempts recorded in the first half of 2025—a 45% increase from the same period last year. The majority of these intrusions are believed to originate from North Korea, underscoring the growing threat of state-sponsored cyber warfare in the region.
According to data provided to Rep. Yu Yong-weon of the opposition People Power Party, 9,262 cyberattacks targeted South Korean military systems between January and June 2025. Of these, 9,193 were attempts to breach official military homepages, while 69 involved email hacking. No malicious code attacks were detected during this period. The military confirmed that all attempts were successfully blocked, preventing any damage to critical systems.
The surge in cyberattacks represents a stark escalation from previous years, with attempted breaches rising from 6,401 in the first half of 2024 to 9,262 in 2025—a 44.7% increase. Historical data shows a fluctuating but generally upward trend, with 6,146 attacks in 2021, 4,943 in 2022, and 6,805 in 2023.
South Korea’s Cyber Operations Command attributed the majority of these attacks to North Korea, citing correlations between the routing IP addresses and known North Korean cyber operations. While the command declined to provide further details, the assessment aligns with broader intelligence assessments that highlight North Korea’s growing cyber capabilities.
“The fact that cyber intrusions targeting our military’s internet network marked an all-time high is actually a grave warning sign,” said Rep. Yu. “Only one intrusion of the military network can cause fatal damage to the command-and-control system as well as critical information assets.”
Yu stressed the need for enhanced cybersecurity measures, including regular exercises simulating cyberattacks, strengthened security education for military personnel, and the establishment of a centralized cybersecurity control tower under direct presidential supervision. He called for the South Korean government to revise existing laws to better address the evolving threat landscape.
Beyond direct military targets, cyberattacks on South Korean defence industry companies have also surged. According to Yu’s office, reported cases of cyberattacks on defence contractors rose from five in 2021 to 16 in 2024. However, the true scale of these attacks remains unclear due to independent management of security systems under South Korea’s Defense Technology Security Act.
This escalation in cyber warfare highlights the urgent need for robust defence strategies in both military and civilian sectors. As cyber threats become more sophisticated, South Korea must strengthen its cyber resilience to safeguard critical infrastructure and national security. The growing frequency and complexity of these attacks demand a coordinated response, blending technological innovation with strategic foresight.