A wave of cyberattacks hitting South Korean companies has exposed a dysfunctional government response system where agencies can’t figure out who’s supposed to do what.
The latest victim was Lotte Card, one of the country’s biggest credit card companies, which got hacked following similar breaches at major telecom providers.
The incidents have revealed a bureaucratic nightmare where different government agencies handle cybersecurity depending on what type of company gets hit.
When hackers target banks or credit card companies, the Financial Services Commission takes charge through its Financial Security Institute, following something called Electronic Financial Supervision Regulations.
But if the same hackers go after telecom companies or other non-financial businesses, a totally different agency—the Korea Internet & Security Agency under the science ministry—handles the response under different laws.
This split-jurisdiction setup caused a mess during the KT unauthorized payment scandal, where agencies reportedly couldn’t get their coordination straight because the incident involved financial damage, making it unclear who should lead.
The bureaucratic divide has real consequences. The Financial Services Commission has authority over cases like the Lotte Card hack, but critics say financial regulators lack the technical skills to do proper digital forensics and figure out how the attacks happened.
Meanwhile, KISA has 133 cybersecurity specialists trained in incident response, but regulations prevent them from investigating breaches at financial companies—even though they’re the ones with the technical expertise.
The screwed-up system has politicians calling for a complete overhaul. Representative Choi Su-jin from the ruling People Power Party wants to force agencies to share information and make KISA the go-to technical response team for all cyber incidents, while keeping financial regulators focused on oversight and enforcement.
“We need to mandate information sharing between the science ministry, Financial Services Commission, interior ministry, and police for hacking response,” Choi said. Her proposal would designate KISA as the technical analysis and international response hub for all domestic hacking incidents.
The coordination problems come as South Korea, one of the world’s most wired countries, faces increasingly sophisticated cyber threats that don’t care about bureaucratic boundaries.
