[Exclusive] Hacking and DDoS Damage in First Half of Year 544.5 Billion Won... 12 Times Last Year's Annual Amount

In the first half of this year, the damage caused by information and communication network intrusion crimes such as hacking and DDoS attacks has already reached approximately 12 times the amount of the entire previous year. Despite the increasing harm to the public from a large volume of spam and smishing messages, the arrest rate remains only in the 20% range. Although the police have initiated measures such as developing tracking technologies and strengthening international cooperation, these efforts appear insufficient to effectively prevent the crimes.

According to the 'Information and Communication Network Intrusion Crime Statistics' submitted by the National Police Agency to Park Jeong-hyun, a member of the Democratic Party of Korea, on the 12th, the damage amount surged from 46.4 billion KRW last year to 544.5 billion KRW in the first half of this year. By type of damage, cash amounted to 7.51714 billion KRW, securities 1.48271 billion KRW, virtual assets 531.43574 billion KRW, and others 4.16337 billion KRW.

Information and communication network intrusion crimes involve unauthorized access to computers or networks, or damaging or altering data programs to cause system malfunctions. Notably, hacking attacks targeting virtual assets have increased sharply. Criminals attempt hacking targeting blockchain networks, virtual asset wallets, and exchanges. In fact, among 2,381 cases in the first half of this year, hacking accounted for 1,400 cases, the highest number. This was followed by others (752 cases), distribution of malicious programs (203 cases), and DDoS and other denial-of-service attacks (26 cases).

Information and communication network intrusion crimes occur at an average of more than 13 cases per day in the first half of this year, but the arrest rate is less than 30%. The annual number of cases and arrest rates are as follows: 3,638 cases with 27.6% in 2019, 4,344 cases with 20.9% in 2020, 3,845 cases with 32.6% in 2021, 3,494 cases with 20.8% in 2022, 4,223 cases with 28.0% in 2023, and 2,381 cases with 21.4% in the first half of 2024.

A police official stated, “Information and communication network intrusion crimes use technologies that can evade tracking, such as virtual assets, the dark web, and virtual private network (VPN) services, and many crimes are committed by overseas criminals targeting domestic institutions, companies, and individuals. Compared to other crimes, significant effort and time are required to apprehend suspects.”

Information and communication network intrusion leads to secondary and tertiary crimes and damages. Reports of spam messages exceeded 200 million in the first half of this year, up from 300 million last year, and smishing messages increased from 500,000 to 880,000. If this trend continues, the total number of reports this year is expected to surpass 400 million. This is attributed to attackers who hacked message retransmission companies sending large volumes of spam and smishing messages using stolen accounts.

The National Police Agency currently announced that it is developing technologies and systems to track virtual assets and the dark web, conducting mock training and specialized education for cyberterrorism investigators to strengthen investigative capabilities. It also explained that it is solidifying the international cooperation system by enhancing collaboration with overseas law enforcement agencies, Interpol, Europol, global IT companies, and promoting membership in international conventions related to cybercrime.

Lee Yun-ho, Chair Professor of Police Science at Korea Cyber University, said, “As criminal methods evolve with the use of artificial intelligence (AI), the arrest rate inevitably decreases. In reality, citizens are exposed to danger with no protection,” adding, “Information and communication network intrusion crimes do not end with hacking alone but lead to other crimes. The actual damage scale may be larger and mostly unrecoverable.”

He further advised, “The police need to engage in proactive activities such as sting operations and undercover investigations rather than merely responding after the fact. Although there may be criticisms regarding human rights violations and suppression of freedom of expression, it is necessary to expand discretionary authority to allow aggressive investigations for the public interest and safety.”

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.