South Korea Cybersecurity Breaches Jump 26% in 2025, AI Threats Accelerate
Updated (2 articles)
Cyber Incidents Surge to 2,383 Cases in 2025 The Ministry of Science and ICT recorded 2,383 reported breaches for 2025, up from 1,887 in 2024, marking a 26 percent increase[1]. The rise reflects heightened activity across both public and private networks. Officials attribute the growth to more sophisticated, AI‑enabled attack methods that automate reconnaissance and exploitation[1].
Server Intrusions Remain Dominant Threat Category Server‑side intrusions accounted for 44.2 percent of all incidents, making them the most frequent breach type[1]. Distributed denial‑of‑service attacks followed at 24.7 percent, while malicious code, including ransomware, comprised 14.9 percent[1]. The concentration on servers indicates attackers continue to prioritize high‑value data repositories and critical infrastructure access points[1].
Attackers Expand Targets to Schools and Hospitals The ministry noted a marked shift toward education and health sectors, adding schools and medical facilities to the list of frequent victims[1]. Earlier reports had focused on research, manufacturing, and energy, but the new targets increase potential societal impact[1]. This broadened scope aligns with attackers’ use of AI to identify vulnerable systems across diverse sectors[1].
Government Launches AI‑Driven Prevention and Response Programs In response, authorities plan to deploy AI‑based detection and automated response tools to close security blind spots[1]. The initiative aims to create a more reliable cyber environment for businesses and citizens alike[1]. The program follows a high‑profile breach at telecom operator KT, after which its CEO publicly apologized in September 2025[1].
Timeline
2023 – Taiwan records a low baseline of daily cyberattacks; the 2025 figure later shows a 113 % increase from this year, highlighting a rapid escalation of hostile activity against the island’s critical infrastructure[1].
2024 – Cyber incidents against Taiwanese hospitals, banks and energy providers rise 6 % compared with the previous year, indicating a steady upward trend in threat intensity[1].
May 2025 – Attacks surge around President Lai Ching‑te’s speech, suggesting adversaries deliberately amplify cyber pressure during politically sensitive moments[1].
November 2025 – A second spike follows Vice President Hsiao Bi‑khim’s meeting with lawmakers at the European Parliament, reinforcing the pattern of timing hacks to coincide with high‑profile diplomatic events[1].
2025 (annual) – The National Security Bureau reports an average of 2.63 million cyberattacks per day on Taiwan, a figure that underscores the island’s exposure to sustained, large‑scale digital aggression[1].
2025 (throughout the year) – Beijing conducts 40 joint combat‑readiness patrols and triggers 23 cyber‑attack escalations, linking kinetic military drills with coordinated cyber campaigns as part of a hybrid pressure strategy[1].
2025 (throughout the year) – Chinese authorities publicly deny any involvement in the hacking spree, while Taiwanese officials reiterate that “only Taiwan’s people can decide their future,” framing the cyber conflict within the broader sovereignty dispute[1].
2025 – South Korea logs 2,383 cybersecurity breaches, a 26 % rise from 2024, reflecting the growing prevalence of AI‑driven attack tactics across the nation[2].
2025 – Server intrusions account for 44.2 % of all Korean breaches, DDoS attacks make up 24.7 %, and malicious‑code incidents (including ransomware) represent 14.9 %, illustrating the threat landscape’s composition[2].
2025 – Hackers adopt AI‑based automation, deep‑fake voice calls, and data‑poisoning of AI models such as chatbots, raising the sophistication and potential impact of future cyber operations[2].
September 2025 – KT CEO Kim Young‑shub publicly apologizes for a major data breach disclosed that month, highlighting the vulnerability of South Korea’s telecom sector and prompting calls for stronger safeguards[2].
2025‑2026 (planned) – The South Korean government announces AI‑driven detection and response programs aimed at closing security blind spots and creating a more reliable cyber environment for businesses and citizens[2].
Jan 5 2026 – Taiwan’s National Security Bureau publishes its 2025 cyber‑attack report, providing the first official year‑by‑year data series on the island’s digital threat exposure[1].
Jan 27 2026 – South Korea’s Ministry of Science and ICT releases its annual cybersecurity report, detailing the 2025 breach surge and outlining forthcoming AI‑based prevention initiatives[2].