On Oct. 16, Yoo Hee-dong, the director of the Korea Meteorological Administration (KMA), expressed his regret regarding the discovery of malicious code in Chinese-made meteorological equipment, stating, “I deeply apologize. In collaboration with the National Intelligence Service (NIS), the competent authorities for security, the key components within the equipment would be thoroughly examined, including their manuals.” This statement was made during a National Assembly audit of the KMA at the Environment and Labor Committee.
Yoo responded to the remarks by Representative Lim Ee-ja, a member of the ruling People Power Party, who had raised concerns about the discovery of malicious code in five pieces of Chinese-made vertical anemometer observation meteorological equipment. Lim said, “It can be considered that security has been breached. If this malicious code is spread through the internal network of the KMA to other equipment or the overall computer network, it could cause significant disruptions.”
Yoo stated, “The software within meteorological equipment is often embedded systems, making it very challenging to detect malicious code. However, we would address the issue starting from the proposal submission phase in the future.” This means that if there are problems with meteorological equipment, they will raise concerns and work to establish measures for complaints or compensation.
Ji Seong-ho, a member of the People Power Party, inquired, “Has an investigation been conducted to determine the entity responsible for implanting the malicious code? Are there findings regarding whether it was the North Korean Reconnaissance General Bureau, the Chinese Public Security Bureau, or some other hacking organization? Has there been any expression of regret or protest conveyed to the Chinese government concerning the discovery of the malicious code?”
Yoo said, “We deeply regret not detecting the malicious code in the equipment that was delivered. We conducted a thorough investigation of the Chinese-manufactured equipment used in meteorological agencies under the KMA. We believe that any company that supplies equipment with embedded malicious code should be designated as an illegitimate entity.”
Meanwhile, the vertical anemometer observation meteorological equipment in which the malicious code was discovered is set to be installed in two additional locations, Ulsan and Yeonggwang in South Jeolla Province, later this year. Yoo commented, “Since the installation is already completed, there’s no way to reverse it. We will conduct thorough inspections in collaboration with the NIS.”