The nation’s top intelligence agency has denied using a hacking program purchased from an Italian company to monitor South Korean citizens.
At a closed-door meeting with lawmakers Tuesday, the head of the National Intelligence Service insisted the agency had bought Remote Control System software to boost Seoul’s cyberwarfare capabilities against North Korea. NIS director Lee Byung-ho was further quoted by executive members on the parliamentary intelligence committee as saying it was unthinkable that it would put the general public under surveillance and his agency would be ready to receive any kind of punishment if the illegal act proved to have taken place.
His categorical denial that the hacking program was unlawfully used should be backed up by thorough scrutiny to clear lingering suspicions.
Tuesday’s closed-door meeting convened after the whistle-blowing website WikiLeaks revealed “1 million searchable emails” through its platform, which included those exchanged between Hacking Team, an Italian surveillance malware vendor, and an unidentified South Korean entity suspected of being the NIS.
The intelligence agency admitted to purchasing RCS software for 20 targets from Hacking Team in January and July 2012. Experts say the technology can be used to hack data by installing spyware, allowing hackers to manipulate and track smartphones and computers.
The NIS said the program was purchased to analyze technology for cyberwarfare, noting North Korea has obtained the financial information of South Koreans by hacking into about 25,000 phones in the South, according to a lawmaker who attended the meeting.
True, South Korea has been hit by a series of cyberattacks blamed on the North in recent years, though Pyongyang has denied its involvement. But the intelligence agency’s explanation seems short of clearing mounting suspicions that the introduction of the hacking software might have been linked to some illicit activities.
A report by a local daily said the NIS made an order to buy the software for 30 additional targets in December 2012 through a local tech company. The order came at a politically sensitive time ― 11 days before a closely fought presidential election was held.
Former NIS director Won Sei-hoon has been jailed for instructing agents to post Internet comments on domestic political issues in what could be seen as a move to form voter sentiment favorable for ruling party candidate Park Geun-hye, who defeated her opposition contender Moon Jae-in by a narrow margin in the election. Thus, opposition lawmakers may well raise suspicions that the NIS might have used the hacking program for the purpose of illegal political surveillance.
Furthermore, the South Korean public still holds unpleasant memories of the spy agency meddling in domestic politics from the era of authoritarian rule decades ago.
The NIS has said it has been unable to wiretap mobile phones since 2005 when it scrapped all equipment in use for that purpose after an eavesdropping scandal engulfed the nation. The purchase of the hacking software, however, raises the possibility that the agency has not told the truth.
During his confirmation hearing at parliament in March, NIS chief Lee vowed to make the espionage agency politically neutral. But his denial of the illegal use of RCS software fell short of reassuring the public as he was said to have known nothing of its purchase until the media reported on the leaked emails.
What he should do now is to let his agency cooperate fully with a forthcoming probe by lawmakers into suspicions surrounding the hacking program and, if necessary, undertake an internal inquiry.
The latest controversy over NIS activities may risk severe consequences. But only when it is cleared of all suspicions, the intelligence agency can be entrusted with strengthening its hand in coping with cyberterror and other new security threats.
