[Exclusive] 'Business-Crushing' Ransomware... National Police Agency to Launch Dedicated Investigation Team
Ransomware Attacks Demand Money After Encrypting Files at Businesses
National Police Agency to Launch Dedicated Investigation Team in the Second Half of the Year
As ransomware attacks (malicious programs that encrypt files and demand payment) targeting companies have been on the rise, the police have decided to form a dedicated team to focus on investigating such cases.
On June 15, the National Police Agency announced plans to establish a separate team within its Cyber Terror Response Unit in the second half of the year, dedicated to investigating ransomware-type cyber terror incidents. The agency has recently completed an organizational restructuring and is reviewing specific details required for staffing, such as investigator qualifications. In addition, the police plan to analyze indicators of compromise that can identify ransomware groups and to strengthen international cooperation with INTERPOL.
![[Exclusive] 'Business-Crushing' Ransomware... National Police Agency to Launch Dedicated Investigation Team](http://www.asiae.co.kr/news/img_view.htm?img=2026061516483310172_1781509714.png)
Last year saw numerous hacking attacks targeting companies, including the leak of SK Telecom USIM information, a ransomware attack on Seoul Guarantee Insurance, and a personal data breach at Coupang. Unlike ordinary hacking that simply leaks personal information, ransomware encrypts files and then demands a ransom for decryption. Recently, a new method has emerged in which attackers first compromise IT system integration and maintenance providers, then use that access to infect client companies. In response, the National Police Agency, together with related ministries, issued its first official security advisory.
The police are currently conducting a nationwide crackdown on hacking crimes through October. Approximately 140 investigators from cyber terror response teams at provincial and metropolitan police agencies across the country have been deployed. Once a dedicated team at headquarters is in place to focus on ransomware cases, the police expect to be able to systematically analyze attack methods and indicators of compromise identified during investigations.
According to the Korea Internet & Security Agency (KISA), the number of security breaches—including ransomware, DDoS, and server hacking—has continued to rise: 1,277 cases in 2023, 1,887 cases in 2024, and 2,383 cases last year. Of these, 89.4% occurred at small and medium-sized enterprises. By industry, the manufacturing sector suffered the highest proportion of incidents, accounting for 47.4% of the total.
Hot Picks Today
!["What's the Use of a Crowded Incheon Airport?" No Cash Bonanza... Suffering at '8,987 Won per Passenger' Leads to Lawsuit Worth 100 Billion Won [Why&Next]](https://cwcontent.asiae.co.kr/asiaresize/93/2026012017013498705_1768896094.jpg)
"What's the Use of a Crowded Incheon Airport?" No Cash Bonanza... Suffering at '8,987 Won per Passenger' Leads to Lawsuit Worth 100 Billion Won [Why&Next]
- Already Expensive..."I Eat Two Eggs Every Morning—This Is Too Much": Early Heatwave Sparks Egg Price Fears
- [Breaking] Q3 Fuel Cost Adjustment Rate Maintained at '+5' Won... Electricity Rates Frozen
- Couple of the Same Age... Amorepacific Third Generation Daughter Seo Hojeong Holds Private Wedding at Shilla Hotel
- Foods That Make Your Face Look Worse, According to a Plastic Surgeon... What Ranked Above Ham and Ramen?
A police official stated, “We are strengthening our response capabilities in light of the recent increase in ransomware attacks targeting companies,” and added, “We will reinforce our efforts to focus investigations on these incidents.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
