{"id":2204324,"date":"2024-03-18T16:00:03","date_gmt":"2024-03-18T07:00:03","guid":{"rendered":"https:\/\/koreapro.org\/?p=2204324"},"modified":"2024-03-19T16:31:50","modified_gmt":"2024-03-19T07:31:50","slug":"korean-governments-widespread-use-of-personal-emails-poses-security-risks","status":"publish","type":"post","link":"https:\/\/koreapro.org\/2024\/03\/korean-governments-widespread-use-of-personal-emails-poses-security-risks\/","title":{"rendered":"Korean government\u2019s widespread use of personal emails poses security risks"},"content":{"rendered":"
South Korean government officials often use personal email accounts for official business, a widespread practice that raises the risk of security breaches, data leaks and reputational damage.\u00a0<\/span><\/p>\n Despite long-standing fears of hacks and phishing from North Korea-related actors, multiple current and former officials told <\/span>Korea Pro<\/span><\/i> that using personal email accounts for official purposes is common across the government.<\/span><\/p>\n Evidence of this practice is readily available. Official government business cards often display personal Gmail and other such addresses, and when they do not, staffers commonly scribble personal email addresses onto the cards.<\/span><\/p>\n This correspondent\u2019s collection includes over a dozen such business cards from elected lawmakers, national intelligence officers, department directors from the foreign and unification ministries and even police officers.<\/span><\/p>\n Further, multiple lawmakers list their <\/span>commercial email addresses<\/span><\/a> on the National Assembly website.<\/span><\/p>\n This blase approach has already had potentially dire consequences. North Korea-linked hackers allegedly obtained details of President Yoon Suk-yeol\u2019s travel schedule and some messages the president sent <\/span>through an aide<\/span><\/a> who had stored that information on a non-secure commercial email server.<\/span><\/p>\n A South Korean government source told the press they were \u201cbeyond shocked and appalled\u201d about the incident. However, former and current government officials told <\/span>Korea Pro<\/span><\/i> that the issue is commonplace, citing a range of technical and cultural reasons.<\/span><\/p>\n \u201cAs far as I am aware, pretty much everyone uses personal emails for work purposes,\u201d a researcher at a government think tank told <\/span>Korea Pro<\/span><\/i> on condition of anonymity.<\/span><\/p>\n \u201cWe are strongly advised not to use personal emails for work purposes and the admin team repeatedly warns that the audit bodies may do something about it when they find out, the researcher explained.<\/span><\/p>\n \u201cBut everyone knows that it is difficult not to use personal emails considering the hassle that the current professional online system is causing.\u201d<\/span><\/p>\n South Korea\u2019s presidential office declined to comment on <\/span>Korea Pro\u2019s<\/span><\/i> findings, while the National Intelligence Service referred <\/span>Korea Pro<\/span><\/i> to a document from the National Cyber Security Center titled \u201cBasic Guidelines to National Information Security\u201d without further elaboration.<\/span><\/p>\n