Cyberattacks on South Korea’s military reached their highest level in five years in 2025, as the Ministry of National Defense faces increasing cybersecurity risks and challenges in retaining trained cyber specialists. The rise in attacks has intensified calls for stronger defense measures amid phishing threats and concerns over North Korea’s expanding cyber capabilities.
Data submitted by the Ministry of National Defense to Rep. Yu Yong-weon of the People Power Party indicates that cyberattacks on military systems fell from 11,700 cases in 2021 to 9,115 in 2022. However, incidents surged to 13,599 in 2023 and 14,419 in 2024, with a significant increase to 18,951 in 2025, marking a 108 percent rise from 2022 and a 31 percent increase compared to 2024.
Most attacks aimed to gain administrator privileges and compromise military websites, accounting for 18,792 incidents in 2025. Phishing emails disguised as messages from trusted sources also increased sharply, rising from 16 cases in 2023 to 127 last year, indicating a diversification of cyberattack methods.
The Cyber Operations Command reported that recent signs suggest North Korea has begun utilizing AI in its hacking operations, including malware development and infiltration attempts through fake job applications. This indicates a growing sophistication in North Korea’s cyber capabilities.
Amid these rising threats, North Korea is expected to enhance its cyber operations by expanding the Reconnaissance General Bureau, the primary intelligence agency responsible for overseas intelligence and cyber activities. Kim Jong-un recently ordered the bureau’s expansion to strengthen its reconnaissance and intelligence capabilities, which South Korean military intelligence estimates oversees about 8,400 hackers.
Despite the increasing frequency of cyberattacks on military infrastructure, the Ministry of National Defense struggles to retain cybersecurity personnel. Since 2012, the ministry has operated a cyber officer cadet program, offering approximately 40 million won (US$26,700) in tuition support to students in key university departments.
Graduates from this program are commissioned as officers and assigned to units like the Cyber Operations Command. However, data reveals that 89 of the 104 cyber specialist officers commissioned between 2016 and 2019, approximately 85 percent, left the military after their mandatory seven-year service. Last year, only seven of 24 graduates accepted commissions.
While departing military members are required to repay their financial assistance, many opt out, citing stronger demand, higher salaries, and better working conditions in the private AI and cybersecurity sectors.
As cyber threats from North Korea escalate, South Korea’s military must address its workforce challenges to bolster its cybersecurity defenses.




