On August 8, the Ministry of Science and ICT (MSIT) and the Korea Internet & Security Agency (KISA) released the 1H 2025 Domestic Cyber Threat Trends report, emphasizing the need for measures to protect corporate assets and minimize public harm in the face of increasingly sophisticated cyber threats fueled by AI. According to the report, the number of cyber incidents reported in the first half of 2025 increased by approximately 15% compared to last year (from 899 to 1,034 cases), with the information and communications sector accounting for the largest share (32%) of all incidents.1
Furthermore, as shown in the table below, the number of reported incidents has been steadily increasing year over year, suggesting that ex-post and passive measures are no longer likely to achieve meaningful results.
| Category / Year | 2023 (1H) |
2023 (2H) |
2024 (1H) |
2024 (2H) |
2025 (1H) |
|||||||
| % | % | % | % | % | ||||||||
| Cyber incidents reported | DDoS | 124 | 18.7% | 89 | 14.5% | 153 | 17.0% | 132 | 13.4% | 238 | 23.0% | |
| Malware | 156 | 23.5% | 144 | 23.5% | 106 | 11.8% | 123 | 12.4% | 115 | 11.1% | ||
| Ransomware | (134) | (20.2%) | (124) | (20.2%) | (92) | (10.2%) | (103) | (10.4%) | (82) | (7.9%) | ||
| Server breach | 320 | 48.2% | 263 | 42.9% | 504 | 56.1% | 553 | 56.0% | 531 | 51.4% | ||
| Other (e.g., data leak, SPAM) | 64 | 9.6% | 117 | 19.1% | 136 | 15.1% | 180 | 18.2% | 150 | 14.5% | ||
| Total | 664 | 613 | 899 | 988 | 1,034 | |||||||
The MSIT reiterated its firm commitment to countering increasingly sophisticated cyber threats, by stating that it is actively incorporating AI across the entire cyber incident handling process, i.e., detection, response, investigation, and analysis, and aims to minimize harm to the public and businesses through proactive enforcement.
Implications
- As cyber threats continue to grow in number and become increasingly sophisticated, the regulators are expected to step up their monitoring and enforcement activities as well. In addition to implementing emergency measures for security incidents, the government is also expected to drive overhaul of companies’ internal information security systems and protection of public interests by strengthening the pertinent legal frameworks and technical regulations.
- With the complexity of legal and technical responses to cyber threats anticipated to rise in tandem, a comprehensive strategy that encompasses both legal and operational considerations is more critical than ever. As such, establishing partnerships and working closely together with a proven team of experts is essential to minimizing cyber-related risks and ensuring the stability of information security systems.
Shin & Kim’s ICT Practice Group boasts a distinguished team of legal and information security professionals with extensive experience and in-depth knowledge gained from their long-standing careers at key government agencies and regulatory authorities, including the Ministry of Science and ICT, the Korea Communications Commission, and the Personal Information Protection Commission. Among them is a senior advisor who brings 22 years of experience from the Korea Internet & Security Agency (KISA) investigating cybersecurity incidents. Leveraging this expertise, Shin & Kim is equipped not only to provide legal counsel but also to deliver technical and practical incident response, making us a ready and capable partner in effectively addressing a wide range of cyber threats.
Should you require any additional information or have any inquiries, please feel free to contact us at any time.
1 The breakdown of reported cases by industry were as follows: 390 in information and communications, 157 in manufacturing, 132 in wholesale and retail, 59 in industry associations and similar organizations, and 296 in other sectors.
[Korean version] 과기정통부 2025년 상반기 사이버위협 동향 발표
