The Ministry of Science and ICT in South Korea revealed a 26% increase in reported cybersecurity breaches in 2025 compared to the previous year. The total number of breaches reached 2,383, up from 1,887 in the previous year. Server intrusions made up 44.2% of the cases, with distributed denial-of-service (DDoS) attacks following at 24.7%.
Cybersecurity breaches involving malicious code, including ransomware, represented 14.9% of the reported intrusions. The report highlighted cyberattacks on platforms integral to people’s daily lives, such as mobile networks and financial services. Hackers have expanded their targets to sectors like education and healthcare beyond traditional areas like research and manufacturing.
The Ministry of Science and ICT warned that hackers are employing advanced tactics using AI-based automation and coordinated attacks. There are concerns that in 2026, hackers might target “trust-based communication methods” like real-time voice calls for virtual meetings using deepfake technology. They could also aim at existing AI models, injecting malicious information to disrupt systems.
Authorities in South Korea suspect that approximately 9.6 million accounts were impacted by a recent cyberattack on Kyowon Group, a local education service provider. Following the detection of ransomware attack traces, the Korea Internet and Security Agency, as part of a government investigation team, estimated the scale of the potential breach.
