South Korea

국정자원 화재 교훈 잊었나...민관 '오프라인 백업' 포기

ET News | Local Language | News | Jan. 23, 2026 | Critical Infrastructure Failure

The National Information Resources Service (NIRS) has discontinued the use of offline backups—physical isolation of data—in the Daegu Center's private-partnership cloud (PPP) zone. This decision removes the last line of defense against ransomware and large-scale network outages, despite a recent fire at NIRS's Daejeon headquarters that caused significant operational paralysis. Instead of physical, offline data dispersion using fireproof safes at the Gongju backup center, the three tenant cloud service providers (Samsung SDS, KT Cloud, and NHN Cloud) shifted to an online backup method via the "G-Cloud dispersion network" connecting the Daegu and Gongju centers.

Previously, NIRS stored data on physical media like tapes, kept disconnected from any network to protect against simultaneous compromise of original and backup data by disasters or cyberattacks. The new online backup approach, with continuous network connectivity, raises concerns about vulnerability to combined physical and cyber threats. This practice conflicts with the Electronic Government Act and National Information Security Basic Guidelines, which require remote data dispersion including physical isolation for systems rated "high" in importance. While remote dispersion is technically maintained via online transmission, abandoning the air gap undermines the intended security standards.

Additionally, the globally accepted "3-2-1 rule" for data protection—three copies on two media types with one offline backup—has been disregarded. Cost and administrative convenience are cited as primary reasons for abandoning offline dispersion; cloud service providers resisted the manual handling of physical tapes required by regulations, and government authorities deferred to CSPs' autonomy within the PPP zone contracts. NIRS officials noted they lack authority to impose offline backup mandates in privately operated PPP zones.

Security experts criticize this approach, noting major global cloud providers like Amazon AWS maintain isolated backup services despite additional costs. They emphasize that sacrificing critical security measures for convenience is unacceptable for nationally important data and call for urgent development of alternative protections such as logical air gaps.

Yonhap | English | News | Jan. 23, 2026 | North Korea

A joint team of police and military investigators in South Korea raided the homes and offices of three civilian suspects suspected of flying drones into North Korea, in violation of the Aviation Safety Act. The searches began at 8 a.m. on January 21, 2026, as part of an ongoing investigation into drone incursions reported by North Korea in September 2025 and January 4, 2026. South Korea's military denies involvement, stating it does not operate the drone models in question.

One suspect, a graduate student surnamed Oh in his 30s, publicly admitted to flying the drones in a media interview last Friday. He and another suspect, both alumni of the same Seoul university, previously worked at the presidential office under former President Yoon Suk Yeol and co-founded a drone manufacturing startup in 2024 with university support. Oh also operated two online news outlets focused on North Korea, which were shut down amid accusations that they served as fronts for military intelligence operations.

During the raid, investigators searched the university-based startup but did not search the news outlets' offices. The investigation remains ongoing, with authorities keeping all possibilities open. Meanwhile, North Korea claims to have forced one of the drones to fall using electronic means near its border city of Kaesong in late September 2025, escalating tensions between the two countries.

Joongang Ilbo | English | News | Jan. 23, 2026 | UndeterminedInitiative

Seoul has discontinued its foreign caregiver pilot program launched in August 2024 due to ongoing controversies surrounding wages, working conditions, and legal protections for the recruited Filipino caregivers. The initiative aimed to address a shortage of child care workers caused by Korea’s low birthrate and to reduce child care costs while supporting women’s workforce participation. However, the program faced immediate challenges, including absenteeism by some caregivers, high service fees for families, and labor rights concerns amid ambiguous job definitions and visa constraints.

Caregivers in the program earned approximately half the average Korean monthly wage, with significant deductions leaving take-home pay low despite high costs charged to households. The program’s structure involved multiple stakeholders, including government bodies and private platform companies, which weakened worker protections, fostered rigid management controls, and contributed to dissatisfaction among caregivers. The E-9 visa system restricted workers’ employer mobility and residency security, exacerbating vulnerabilities inherent in the pilot.

The initiative revealed deeper systemic issues in Korea’s approach to migrant labor and care work, including fragmented oversight across ministries and undervaluation of caregiving jobs. Experts highlighted that improving domestic working conditions might better address caregiver shortages. Despite ongoing demand for child care, program critics argue that without coordinated reforms to labor policies and residency rights, integrating foreign caregivers effectively remains unlikely.