In South Korea, caught between the standoff of North and South Korea, cyberspace has become a silent battlefield. North Korea routinely prowls South Korea’s internet, manipulating public opinion and hacking into government and financial institutions to extract information. Recently, it was revealed that the North Korean hacker group Lazarus had been infiltrating South Korea’s judicial network for over two years, siphoning off more than 1 terabyte of data. The National Intelligence Service (NIS) of South Korea has identified incidents such as hundreds of South Korean officials’ email accounts and passwords being posted on overseas hacking forums, prompting notifications to respective agencies. Despite efforts to defend against these relentless hacking activities, the NIS elevated cyber crisis alerts from “concern” to “caution” level two years ago. Domestic security experts engage daily in defending cyberspace against North Korea’s ongoing attacks.
Park Chan-am, 35, CEO of cybersecurity firm STEALIEN, is at the forefront of the North-South hacking conflict. In a recent interview with The Chosunilbo, he stated, “North Korea’s hacking capabilities are formidable, but we have the best white hat hackers.” He affirmed his commitment to continue operating on the forefront of this “silent war,” advocating for a proactive approach known as “defend forward,” which involves preemptive strikes to prevent hacks before they occur. Park recalled using this strategy to thwart North Korea’s attacks, notably after they paralyzed six South Korean entities including broadcasters and banks through network hacking in 2013. Park emphasized, “I observed preparations for a second cyber attack in 2015 through examination of North Korea’s internal network and promptly alerted relevant agencies, successfully preventing the cyber terror.”
According to Park, recent trends in North Korean hacking have evolved. While they previously hacked government websites to pose as institutions and send emails to individuals or banks, causing network disruptions, the current trend favors hacking software supply companies to infiltrate institutions. With a team of over 80 young and promising hackers and programmers, Park said they are actively brainstorming solutions to these challenges to enhance South Korea’s cybersecurity.
In March 2009, Park gained attention by winning first place in a team of three at the CODEGATE International Hacking Competition, which had over 3,000 participants. Later that same year, in August, under the team name ‘KOREA,’ he maintained first place throughout the HITB CTF held in Malaysia from start to finish. At the time, he was only 20 years old. Starting from his second year of middle school until his second year of university, Park participated in over 30 hacking competitions, earning him the nickname ‘genius hacker’. He remarked, “A genius should achieve remarkable feats in a specific field. I’m simply striving to build achievements, and the title of ‘genius’ is more than I deserve.”
Park’s journey into hacking began at age 11, inspired by depictions in movies and dramas. With no books available on hacking in 2000, he studied Linux, MS-DOS, and other operating systems using computer science books. He recalled wrapping torn and yellow-taped books to continue his obsession with hacking, practicing on a computer his father bought him. A year later, he won his first hacking competition, marking his debut as a hacker.
There are hackers who intercept astronomical sums of money by hacking banks or government institutions. Park also faced such criminal temptations. During the peak of his hacking studies in 2004, he received illegal requests from various groups to hack gambling sites and competitors’ systems. At that time, there were hacker group chat rooms on MSN Messenger, where addresses were exposed, leading to these requests via email. Park noted that individuals engaged in illegal hacking often faced investigations or imprisonment without much difficulty. “As a white hat hacker, my goal was to discover vulnerabilities from an attacker’s perspective and build defenses,” he said. “Despite the temptation to commit crimes, I have never once succumbed.”
He also warned about the serious state of cybersecurity technology and talent drain in South Korea. “Especially in advanced cybersecurity countries like the United States, China, Russia, and Israel, there’s frequent recruitment of talent with salaries ranging from hundreds of millions to billions,” he emphasized. While Israel shows vigilance against technology leaks by requiring approval for selling security technologies, South Korea faces shortcomings even in relevant legal regulations. Park expressed regret over many researchers of core technologies in South Korea moving abroad for higher salaries and stressed the need to discover and support unicorn companies to prevent such talent and technology drain.
In addition to leading his team of 80 employees, Park advises Korean government agencies. Since 2021, he has served on the Cyber Operations Command and Personal Information Protection Commission, contributing as a cybercrime advisory member for the Seoul Eastern District Prosecutors’ Office. His efforts led to establishing a local subsidiary in Jakarta, Indonesia, in 2019, securing contracts with financial institutions for security products. He continues to expand internationally, promoting Korean cybersecurity through competitions, events, and education in ASEAN countries.
