Page 45 - Interview Book(KOR)-2025-01
P. 45
into the security of its systems, to include ballot counting machines, ballot sorters,
and NEC servers.
Indeed, NEC insisted – and continues to insist – that its networks and hardware and
software used to run South Korea’s elections are perfectly secure and cannot be
hacked. This of course only looks "outside in" and does not address what internal
"bad actors" with access to NEC systems might easily accomplish.8
However, warnings and suspicions, being once ridiculed, about NEC networks
deserve to be taken far more seriously – if not as almost a certainty.
Despite NEC opposition to any outside review of its operations and activities,
following the revelation that NEC networks had been hacked by the North Korean
Lazarus Group9 at least a half dozen times in the 2022-2023 time frame, the
National Intelligence Service (NIS) was able to analyze and conduct penetration tests
of the NEC networks in mid-2023. It issued a report on the matter in October 2023.
The following account from East Asia Research suggests that warnings of NEC
networks being compromised and affecting the outcome of South Korean elections
are not unfounded:
After North Korea hacked the NEC, which was confirmed by the National
Intelligence Service (NIS), the NEC initially ignored the NIS and pretended it
never received notifications. When the NIS provided proof that is had
contacted NEC, the NEC falsely claimed that it is impossible to hack the
electronic vote counting machines that the NEC uses for elections in Korea,
and flatly rejected offers of consultation from the NIS and the Ministry of
Public Administration and Safety.
After further public outcry, the NEC grudgingly agreed to a joint security
inspection, but provided only a limited access.
From July 17 to September 22, 2023, the NEC, the NIS, and the Korea Internet
& Security Agency (KISA) formed a joint security team to conduct security
checks of NEC’s systems with the participation of opposition observers
recommended by the National Assembly’s negotiating group.
The NIS confirmed that it was possible to:
8 NEC’s claims of being ‘hack-proof’ ought to raise eyebrows, as it brings to mind the American Cyber Security
and Infrastructure Agency (CISA) insisVng in 2020 that the US elecVon was the “most secure in history”, to
include from outside hacking. And then two weeks later the US Government was hit with the biggest hack in
history. Who was responsible for prevenVng this? CISA.
And more recently, the US Government has admieed that China’s "Salt Typhoon" hacker group has gained
access to government systems and private telecom networks – a^er announcing that China’s "Volt Typhoon
group had insinuated itself into America’s criVcal infrastructure from 2021-2024.”
9 Although the North Korean Lazarus Group is cited as the ouhit targeVng South Korea, the PRC has always
been menVoned as posing a risk to South Korean networks, and was specifically fingered in the 2020 NaVonal
Assembly elecVons given the Chinese Huawei parts in the voVng hardware. As for claims of Chinese
involvement, there are grounds for serious concern in light of PRC’s "moVve", "access", and "experVse".
MoVve: breaking the ROK-US alliance and gejng the Americans off the Korean peninsula;
Access: easy, given the hardware and system layout and the Moon administraVon’s demonstrated close Ves
with the PRC;
ExperVse: Chinese hackers are world-class.
-25-
