South Korea and Japan ramp up national cyber security defences following a rise in incidents and breaches

South Korean telcos pledge to invest $1.7bn into cyber security over the next five years as Japan passes a new Active Cyber Defence Law and seeks to secure chip manufacturing

South Korea’s new ICT minister has pledged an overhaul of the country’s cyber defense system following incidents at the country's major telecoms companies.

Last week, KT Corp become the second South Korean mobile operator this year to report a cybersecurity breach to the country’s data protection authorities.

The personal data of 5,561 customers - their IMSI and USIM details - may have been stolen by hackers who managed to connect illegal mini base stations to KT’s network to intercept customer transmissions.

As many as 19,000 customers connected to the spoofed base stations with authentication details then used to make fraudulent micropayments - to date 278 cases valued at USD $122,000 have been reported, and the company has pledged to replace SIMs free of charge.

Northeast Asian countries turn to active measures

In April this year, South Korea’s SK Telecom was hit by a cyberattack that led to the theft of personal data on approximately 23 million customers, almost half the country's population. CEO Young-sang Ryu described the breach as "the most severe security breach in the company’s history."

An investigation revealed that cyber criminals infiltrated the company in August 2021 representing a dwell time of almost four years before data was exfiltrated in April 2025.

The Personal Information Protection Commission (PIPC), has now imposed a record fine of 134.8bn Korean won (USD $97.2m) for the serious failings at the company described as "SKT’s failure to adhere to basic security measures and management laxity."

Following notification of the breach, the company announced a $514m investment in new security systems and processes to rebuild customer trust. Around 800,000 mobile customers have changed providers since the hack was publicised.

In mid-July, KT pledged to invest more than 1 trillion won ($730m) over the next five years on its cybersecurity defences and weeks later, LG Uplus said it would invest 700bn won ($504m) over the next five years via a “security-first strategy”.

Minister of Science and ICT Bae Kyung-hoon has said the South Korean government must build a new legal framework that allows proactive intervention where currently companies delay informing the authorities to avoid closer scrutiny and government oversight.

The Korea Internet and Security Agency (KISA) reported 1,888 cyber intrusion cases in the first half of 2025, up from 1,277 in the same period of 2024 and this echoes rising incidents across the region.

Japan's Active Cyber Defence Law

Japan has recorded a 340% increase in sophisticated cyber attacks targeting government systems and critical infrastructure over the past 18 months, with particular focus on semiconductor manufacturing facilities and defence contractors.

As tensions in the region rise, the country has struggled with nation state attacks on defence networks with Japan’s cybersecurity agency breached in 2023 allowing unauthorised access to sensitive data for nine months before being discovered.

The resulting Active Cyber Defense (ACD) Act passed this year enables preemptive cyber threat disruption - including attacker infrastructure takedowns - under a new regime to be live by 2027.

The law also provides the Japanese government with the power to analyse foreign internet traffic for signs of malicious activity and moves the country from a reactive to proactive defence posture for cyber threats.

New cybersecurity requirements for the semiconductor industry have also been established. In 2022, Cyber/Physical Security Guidelines for Factory Systems were published by the Ministry of Economy, Trade and Industry (METI).

The new (Draft) OT Security Guidelines for Semiconductor Device Factories now outline "the necessary factory security measures to achieve an action level addressing the most sophisticated threats" from APTs and nation states.

Chip manufacturing represents a critical national security asset for Japan and clearly that requires enhanced protection. Compliance with the final guidance may become mandatory for chip plants receiving government investment.

In the US, NIST offers a Cybersecurity Framework Version 2.0 Semiconductor Manufacturing Profile for those companies seeking to defend this high value activity.