World

41.6% of South Korean workers open simulated phishing emails

By Asia Today and translated by UPI World News - UPI.com
Officials at the Korea Internet & Security Agency (KISA) check Internet systems at the KISA situation room in Seoul, South Korea. Photo by YONHAP / EPA
Officials at the Korea Internet & Security Agency (KISA) check Internet systems at the KISA situation room in Seoul, South Korea. Photo by YONHAP / EPA

June 26 (Asia Today) -- More than 4 in 10 South Korean employees who participated in a government cybersecurity exercise opened simulated phishing emails, but companies that had conducted repeated training recorded significantly better results, officials said Friday.

The Ministry of Science and ICT and the Korea Internet & Security Agency announced the findings at a review meeting at the Post Tower in central Seoul.

A total of 630 companies and 255,460 employees participated in the government's cybersecurity crisis response exercise for the first half of 2026.

The government conducts the exercise twice a year to improve security awareness and strengthen companies' ability to respond to cyberattacks.

The latest exercise was held from May 11 through May 22 and covered four areas: phishing emails, distributed denial-of-service attacks, penetration testing and vulnerability detection and response.

The phishing exercise targeted employees at 569 companies.

Participants received simulated malicious emails designed to resemble messages from familiar institutions or routine workplace correspondence.

The government monitored whether participants opened the emails and clicked attached files that would have triggered malware infections in a real attack.

The results showed that 41.6% of participants opened the simulated phishing emails. About 12.7% clicked an attachment and reached the simulated malware infection stage.

Large companies, which had the highest rate of conducting their own cybersecurity exercises, recorded the lowest figures.

Employees at large companies had an email open rate of 35.4% and a simulated infection rate of 9.8%, highlighting the value of repeated training, officials said.

The distributed denial-of-service exercise tested web servers and development servers at 147 companies by sending simulated attack traffic.

Officials measured how quickly each company detected and responded to the traffic.

Companies that had previously participated in the exercise took an average of 20 minutes to detect and respond to the attack.

First-time participants took an average of 64 minutes, more than three times as long.

The vulnerability assessment covered 241 companies.

Investigators found 28 types of security vulnerabilities at 32 companies. Twelve of those companies had six types of vulnerabilities that required immediate corrective action.

The ministry and the agency provided the affected companies with their assessment results and instructions for addressing the weaknesses.

Lim Jeong-gyu, director general for information security network policy at the ministry, said the emergence of advanced artificial intelligence was making cyber threats facing companies increasingly serious.

"Building technical defense systems is important, but having all employees directly experience and respond to a simulated crisis can prove invaluable at a critical moment," Lim said.

He encouraged companies to participate regularly in cybersecurity exercises rather than treating them as one-time events.

-- Reported by Asia Today; translated by UPI

© Asia Today. Unauthorized reproduction or redistribution prohibited.

Original Korean report: https://www.asiatoday.co.kr/kn/view.php?key=20260626010009374

Copyright 2026 UPI News Corporation. All Rights Reserved.

This story was originally published June 26, 2026 at 5:32 PM.

Get unlimited digital access
#ReadLocal

Try 1 month for $1

CLAIM OFFER