South Korea has successfully established its trademark as the world’s most connected nation with the fastest Internet and a diverse digital economy. Yet it has also been confronted with an exponential growth of malicious cyber operations and a lack of adequate incident response mechanisms in persistent interstate conflicts in East Asia, increasing the risks of misperception, miscommunication, and miscalculation. During the COVID-19 pandemic, these operations have further accelerated in the region, catalysing the political will to build national and global resilience. This paper traces the legislative, institutional, and strategic adjustments the South Korean state has made to secure its digital transformation against cyber threats. Subsequently, it illustrates the preferences and limits of its bilateral, plurilateral, regional, and multilateral cyber diplomacy and the promises and perils of its cooperation with the European Union on information and communications technologies and research, Internet governance, cybercrime, and cybernorms. Drawing on analyses of primary sources and evidence gathered through interviews with bureaucrats, diplomats, and non-governmental experts, the study purports that Seoul has built an advanced cyber resilience architecture whose effectiveness could be further increased by greater information sharing and coordination between institutions among and within the three pillars governing the protection of South Korea’s public, private, and military sector networks. Its cyber diplomacy is primarily found to be a component of its efforts to enhance its domestic cyber resilience, which requires walking a diplomatic tightrope between cultivating its security alliance with the US and its economic partnership with China while seeking greater strategic autonomy. Amidst uncertainty over US security guarantees and an escalating US-China conflict, South Korea’s strategic partnership with the European Union and their cyber dialogues have become a vital part of successfully managing this balancing act.
- In the past decade, South Korea advanced multi-layered measures enhancing cyber resilience in its national security strategies and Defence White Papers and in sector-specific documents such as the Comprehensive Countermeasures of 2009, 2013, and 2015 and the 2011 National Cyber Security Master Plan. These were developed only in reaction to severe cyberattacks against its computer networks and it took Seoul until 2019 to develop a full-fledged national cybersecurity strategy. Its ubiquitous use of new surveillance technologies to counter crime and espionage, and recently to combat the COVID-19 pandemic, has enjoyed broad public acceptance but was challenged by digital rights groups.
- As one of the world’s leading digital economies, South Korea has become a top target of transnational cybercrime and cyber-enabled espionage. Most importantly, its enduring antagonist, North Korea, has developed sophisticated capabilities to conduct cyberattacks as part of its asymmetric warfare and for espionage and financial purposes. Seoul’s cyber policy will therefore continue to focus on protecting its networks against attacks from the North.
- Seoul recognised that protecting its domestic computer networks requires creating a global normative framework for responsible behaviour in cyberspace. South Korean diplomats have therefore promoted the rule of law, confidence building measures and capacity building in cyberspace and evolved as brokers in multilateral negotiations on cybersecurity norms.
- South Korea and the European Union, strategic partners engaged in a Cyber Dialogue and an ICT Dialogue, share a strong interest in a rules-based order in cyberspace, yet hold independent views on the best institutional shape of this order, as evidenced by Seoul’s reluctance to join the Budapest Convention on Cybercrime. The two tracks should be used to identify priority common concerns and ways to promote those in their respective regions and jointly at global institutions like the United Nations.