Page 14 - Election Fraud in Korea-ENG-KOR

P. 14

Despite NEC opposition to any outside review of its operations and activities, following the
revelation that NEC networks had been hacked by the North Korean Lazarus Group at least
4
a half dozen times in the 2022-2023 time frame, the National Intelligence Service (NIS) was
able to analyze and conduct penetration tests of the NEC networks in mid-2023. It issued a
report on the matter in October 2023.

The following account from East Asia Research suggests that warnings of NEC networks
being compromised and affecting the outcome of South Korean elections are not unfounded:

After North Korea hacked the NEC, which was confirmed by the National Intelligence
Service (NIS), the NEC initially ignored the NIS and pretended it never received
notifications. When the NIS provided proof that is had contacted NEC, the NEC
falsely claimed that it is impossible to hack the electronic vote counting machines that
the NEC uses for elections in Korea, and flatly rejected offers of consultation from the
NIS and the Ministry of Public Administration and Safety.

After further public outcry, the NEC grudgingly agreed to a joint security inspection,
but provided only a limited access.
From July 17 to September 22, 2023, the NEC, the NIS, and the Korea Internet &
Security Agency (KISA) formed a joint security team to conduct security checks of
NEC’s systems with the participation of opposition observers recommended by the
National Assembly’s negotiating group.
The NIS confirmed that it was possible to:
l Infiltrate the internal network of the National Election Commission through the
Internet.
l Hack the “Integrated Electoral Roll System” that manages voter registration
status and voting status.
l Change the contents of the electoral roll, such as marking “those who voted early
as non-voters” or “those who did not vote early as people who voted,” and
registering non-existent ghost voters as normal voters.
l Print unauthorized ballots such as a ballot with the same QR code as the actual
early vote ballot.

l Steal information on ballots, such as the stamp of the Board of Elections
l Infiltrate the NEC network since unauthorized PCs were connected to the
communication equipment installed at the early voting stations.
It was recently reported that the NIS discovered more troubling facts, but did not
publicize this at that time. The (NIS) found records of election fraud by computer
tampering through forensics of a portion of the NEC’s servers during the joint security
inspection, which was exclusively reported by SkyeDaily on 5 December 2024.

The NIS could not investigate, because the Democratic Party of Korea single handedly
passed a law taking away the NIS’s investigative authority during the Moon Jae-in
administration. The discovery was promptly reported to the Office of the President
(President Yoon), but the information was apparently not passed to the prosecutor’s office.

4 Although the North Korean Lazarus Group is cited as the outfit targeting South Korea, the PRC has
always been mentioned as posing a risk to South Korean networks, and was specifically fingered in the
2020 National Assembly elections given the Chinese Huawei parts in the voting hardware. As for
claims of Chinese involvement, there are grounds for serious concern in light of PRC’s "motive",
"access", and "expertise".
Motive: breaking the ROK-US alliance and getting the Americans off the Korean peninsula;
Access: easy, given the hardware and system layout and the Moon administration’s demonstrated
close ties with the PRC;
Expertise: Chinese hackers are world-class.

- 8-

9 10 11 12 13 14 15 16 17 18 19