I am an editorial writer at The Korea Times, focusing on foreign policy, North Korea and domestic politics. My key areas of interest include North Korea, foreign interference in elections, election integrity, cyberattacks and human rights. Prior to joining the Editorial Board, I served as both Politics Desk editor and Culture Desk editor. During my career, I have reported on the Presidential Office under the Lee Myung-bak administration, the Ministry of Foreign Affairs and the National Assembly.
How data heists fuel digital imperialism
People walk past a Coupang warehouse in Seoul, Tuesday. Yonhap
By Kang Hyun-kyung
Data heists on the rise as foreign influence operations intensify
Theft, more often than not, is a financially motivated crime. Robbers steal cash, goods or both to satisfy material desires. The same logic applies to many cybercrimes: Perpetrators infiltrate networks, steal or encrypt critical data, render systems unusable and sometimes demand ransom in exchange for restoring access.
But theft in cyberspace is not always driven by profit. Some attackers penetrate networks simply for amusement or to boast about their technical prowess. Others have far more ambitious motives. They target transnational digital infrastructure or that of specific nations, using hacking as a strategic tool to outmaneuver adversaries.
The data breach at Korea’s e-commerce giant Coupang has stunned the public. Personal information belonging to 33.7 million customers — including names, email and mailing addresses, phone numbers and records of their five most recent orders — was stolen. The intrusion began in June, yet Coupang remained unaware until it received an email from the perpetrator: a former Coupang software engineer responsible for the company’s cybersecurity. The suspected hacker, who the company said is a Chinese national, warned that he would disclose the breach unless Coupang strengthened its security systems. Without this message, the theft might have gone unnoticed far longer.
President Lee Jae Myung said he was “stunned” that the e-commerce leader failed to detect an infiltration that lasted five months. “How could they know nothing about it? This is puzzling,” he remarked sarcastically during a Cabinet meeting, calling for strict punitive action against the company.
He also ordered Cabinet ministers to devise unprecedented, paradigm-shifting measures to protect both public and private entities from similar intrusions, warning that such incidents will recur in an increasingly digital society.
Coupang cannot deny responsibility. Its systems were vulnerable to external intrusion, and no one within the company detected the monthslong breach. This is incomprehensible for a firm whose lifeblood is customer data. There was no early warning mechanism to flag suspicious activity or alert the company when signs of a data breach emerged.
But criticizing Coupang without implementing preventive solutions will not be constructive.
The massive data breach should instead serve as an opportunity to learn something important. Data breaches have grown increasingly frequent in recent years. Coupang is not the only company that has suffered a data heist. Before Coupang, the nation’s largest telecommunications provider, SK Telecom, was hacked, resulting in the theft of data from some 27 million customers. Luxury brands, credit card companies and many other businesses have experienced similar incidents.
Preventive measures are essential. Equally important, however, is the need for a constructive and imaginative debate about the consequences of data breaches. How might stolen data be used? What worst-case scenarios could the nation face if the attackers exploit data maliciously?
Notably, the attackers who targeted SKT and Coupang did not demand ransom payments. This suggests that they were not financially motivated. If money was not their goal, what was? Answering this requires understanding who the perpetrators are and why they infiltrated these systems.
What is known so far is that both cases have connections to China. The former Coupang employee who is suspected of stealing the data of millions of customers is a Chinese national. According to media reports, the number of Chinese software engineers at Coupang has risen sharply, with Chinese workers increasingly replacing Korean employees. The report is based on discussions posted on Blind, an anonymous professional community where verified employees talk openly about workplace issues such as pay, company culture and working conditions.
A Chinese hacking group is also believed to be behind the SKT incident. In an April 24 press release, Taiwan-based cybersecurity firm Team T5 attributed the SKT hack to a Chinese advanced persistent threat group. The firm said the attackers exploited a critical vulnerability in Ivanti Connect Secure VPN appliances to infiltrate multiple organizations around the world, noting that Korea was one of 12 countries affected by the campaign.
Repeated thefts of massive amounts of data inevitably raises questions about the attackers’ motives. If these incidents recur, there must be a reason. And if a particular country repeatedly emerges as the point of origin, there must be a convincing explanation for its intentions.
One possible answer is digital imperialism.
Digital imperialism is emerging as a new pattern amid growing confrontation between democracies such as South Korea, the United States and Japan, and authoritarian states including China, Russia and North Korea.
Digital imperialists conduct influence operations and infiltrate adversaries’ networks to disrupt their societies. In this context, personal data has become a strategic asset, prompting ambitious states to collect as much of it as possible.
The digital border has become increasingly important as technology ushers in a highly connected digital society. Defending this digital frontier is now as essential as protecting a nation’s sea, airspace and land territories.
Kang Hyun-kyung is a Korea Times editorial writer. The views expressed in this article is solely her own and do not express the views of The Korea Times.