South Korea joined NATO’s cyber defense group on May 5, becoming the second East Asian country after Japan to join the group.
South Korea’s top spy agency, the National Intelligence Service (NIS), said it had been admitted as a “contributing participant” to the NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE) in Tallinn, Estonia.
The CCDCOE’s mission is to support NATO in the field of cyber defense research, training and exercises covering the focus areas of technology, strategy, operations and law.
It was established in 2008 on the initiative of Estonia, in response to alleged Russian cyberattacks in 2007 which targeted Estonian banks, government offices and media outlets after Estonia’s relocation of a Soviet-era World War II monument and war graves.
“Cyberthreats are causing great damage to not only individuals, but also separate nations and also transnationally, so close international cooperation is crucial,” the NIS said in a statement explaining South Korea’s rationale for joining the CCDOE.
South Korea has been trying to join the CCDCOE since 2019, hoping to learn more about threat response strategies and ways to protect key infrastructure, with the broad aim of having world-class abilities to respond to those threats.
While South Korea is an established tech leader with leading tech firms such as LG and Samsung, it has been relatively slow in formally recognizing cybersecurity as a national security priority.
Only in April 2019 did the country publish its cybersecurity strategy, in which one of its stated aims was to position South Korea as a leading country in cybersecurity by enriching bilateral and multilateral cooperation systems and securing leadership in international cooperation.
North Korean cyberattacks
South Korea is a frequent target of North Korean cyberattacks. A particularly noteworthy attack happened last year when North Korea hacked into the Korean Atomic Energy Research Institute (KAERI), South Korea’s nuclear research institute.
This attack raised the possibility of South Korean nuclear secrets being leaked to North Korea.
China has allegedly provided North Korean cyber units with training, technology and cover for their cyber espionage and financial theft operations. Moreover, according to the Korea Institute of Liberal Democracy in Seoul, an elite unit of 6,800 North Korean agents are engaged in fraud, blackmail and online gambling, which brings in US$860 million annually, with many of their operations traceable to China.
While China has not issued an official statement about South Korea’s decision to join the CCDCOE, it would view this move negatively. In an opinion piece in the state-run Global Times newspaper, China pointed out that the US-led NATO is turning South Korea into a pawn against China and Russia in cyber defense.
Moreover, it stated that the rearrangement of US-led cyber and intelligence groups aims to create a global network to contain China and Russia or defeat them in an actual conflict.
South Korea needs to consider its relations with China and Russia in joining the CCDCOE, as the latter two countries are critical in applying diplomatic and economic pressure on North Korea to restrain its belligerent behavior.
South Korea’s decision to join the CCDCOE also puts it under a common trilateral framework with Japan, bringing two of the most capable US allies in Asia under the same umbrella.
In 2019, Japan became a Contributing Participant in the CCDCOE, upgrading its membership from observer status in 2015 and 2018. South Korea and Japan’s common membership in the CCDOE may help bypass longstanding issues that have traditionally hobbled security cooperation between the two countries.
South Korea-Japan ties
South Korea’s historical grievances over Japan’s colonial rule and World War II atrocities, periodic visits of prominent Japanese politicians to the controversial Yasukuni Shrine and an ongoing maritime dispute over the Liancourt rocks.
South Korea’s historical grievances over Japan’s colonial rule and World War II atrocities, periodic visits of prominent Japanese politicians to the controversial Yasukuni Shrine and an ongoing maritime dispute over the Liancourt rocks – small islets in the Sea of Japan between the Korean peninsula and the Japanese archipelago – have stifled efforts for bilateral security cooperation.
However, in 2016 South Korea and Japan signed an intelligence-sharing agreement to share sensitive information about North Korea’s nuclear program, with the agreement automatically renewed annually unless either country decides to withdraw.
Despite this, historical enmity and trade disputes between South Korea and Japan tend to spill over into the defense and security fields.
In 2019, South Korea threatened to withdraw from the agreement due to deteriorating diplomatic relations with Japan after a South Korean court ordered Japanese firms to pay compensation to Korean forced laborers pressed into service during World War II.
Japan responded in kind, restricting exports of materials critical for South Korea’s electronics and microchip industry and struck it down from its “white list” of countries with preferential trade access to strategic goods.
Ultimately, South Korea decided to retain its intelligence-sharing agreement with Japan after a strong US push to save the agreement, as it was critical for trilateral cooperation against North Korea’s nuclear threat and China’s growing influence.
The CCDCOE may provide an expanded, stronger, more stable and institutionalized US-led framework for defense cooperation between South Korea and Japan.