The Korea Satellite Operations Center, tasked with managing Multipurpose Satellites for reconnaissance satellites, and the Compact Advanced Satellite 500, a public satellite, has fallen victim to a hacking incident. The full extent of the breach remains uncertain, highlighting significant vulnerabilities in South Korea’s space infrastructure. This comes at a critical time, just before the inauguration of the Korea Aerospace Administration, a significant initiative under President Yoon Suk-yeol’s administration.
South Korea’s National Intelligence Service (NIS) has confirmed a recent cyber intrusion at the Korea Satellite Operations Center in Jeju. It is actively investigating the breach’s scope and impact, as reported by sources within the science and technology community on Mar. 26.
Officials have revealed that the hacking efforts began around December of the previous year. The Korea Institute of Science and Technology Information (KISTI), a government-supported cybersecurity entity, identified the breach during a routine security audit.
Established by the Ministry of Science and ICT along with the NIS in 2022, the Jeju-based Korea Satellite Operations Center is operated by the Korea Aerospace Research Institute (KARI). Its primary duties include managing the Arirang 3 and 3A satellites and overseeing satellite imagery. By 2030, the center aims to oversee 70 low-orbit satellites, encompassing Multipurpose Satellites, the Compact Advanced Satellite 500, and small satellites. It is a key research facility in the aerospace field that will become part of the new Korea Aerospace Administration, launched on May 27.
KARI oversees critical Earth observation satellites, such as the Multipurpose Satellites and Compact Advanced Satellite 500, with the NIS being its principal client. The Arirang 3 satellite has an optical camera capable of detailed ground observations (to 70 centimeters), whereas the Arirang 3A features a 55-centimeter resolution camera and an infrared camera for nighttime surveillance.
The NIS is currently working to identify the perpetrators, the methods employed in the hack, and the nature of the compromised data. An NIS official emphasized the agency’s crucial collaborative efforts with the Ministry of Science and ICT.
A security control specialist suggested the likelihood of North Korea’s involvement, saying, “The hack likely originated from North Korea.” Given the history of cyber-attacks on governmental bodies, often traced back to North Korea, and the similarities in the hacking techniques observed, there is a strong suspicion that North Korea could be behind this incident. A breach of the Korean Satellite Operations Center by North Korean operatives could endanger a wide range of sensitive data, including security, economic, and environmental information, gathered by South Korea’s Multipurpose Satellites. These satellites have monitored South Korea and other global regions for over two decades, holding potentially sensitive data about crucial allies.
