[2025 Audit] Culture Ministry Unprepared for Hacking... Half of Projects Receive Zero Budget

There have been criticisms that the Ministry of Culture, Sports and Tourism, along with its affiliated agencies, is virtually unprepared to respond to hacking threats.

According to data on "hacking response status" released on October 13 by Assemblyman Park Suhyeon of the National Assembly's Culture, Sports and Tourism Committee, the ministry failed to secure any budget for five out of eleven hacking response projects since 2024. These include the establishment of a hacking email quarantine system, strengthening DNS security for monitored agencies, building and operating a cyber safety education system, improving the functionality of the work-sharing system, and outsourcing safety inspections for disaster preparedness of information networks.

Approximately 2.19 billion won is required to resume these projects next year, but no funds have been secured. Even for the project to replace outdated security monitoring equipment, which only received partial funding, just 661 million won was allocated out of the required 1.26 billion won, leaving nearly half of the budget unmet. As a result, only five projects have been properly funded.

The Cyber Safety Center under the ministry is responsible for information security at 118 institutions, including the headquarters, affiliated organizations, and related agencies. This budget shortfall could lead to widespread cyber attack damage across these institutions. In fact, from 2021 to July this year, there were 18,624 cyber attacks targeting the ministry's headquarters and affiliated agencies over the past five years. Many of these incidents involved tangible damage, such as server outages and personal information leaks.

The shortage of personnel dedicated to hacking response is even more serious than the budget issue. The total number of dedicated hacking response staff across the ministry and its affiliated agencies is only fifteen. Eighteen agencies have requested an additional twenty-six personnel, resulting in a staffing rate of only 36.5%. Fourteen of these agencies do not have a single dedicated staff member. Notably, the National Library of Korea suffered a denial-of-service (DDoS) attack last year that paralyzed its website servers, and the National Gugak Center experienced 360 cyber attacks over the past five years.

Assemblyman Park stated, "Despite more than 3,000 hacking attempts occurring each year, the ministry has failed to secure sufficient personnel and budget. With public anxiety growing due to successive telecom company hacks and personal information leaks, a more proactive response is urgently needed."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.