This paper examines existing cooperation on cyber security between the UK and South Korea and ... RUSI PRESS RELEASE EMBARGO 1700GMT 2 March
This paper examines existing cooperation on cyber security between the UK and South Korea and sets out recommendations for future activities between the two states…increased cooperation between common adversaries Russia and North Korea has reinforced the case for closer ties between the UK and South Korea.” This is according to Strengthening UK–South Korea Cyber Security Cooperation , a new RUSI research report by
Dr Pia Hüsch
and
Joseph Jarnecki
. The report assesses the progress and future potential of the UK–Republic of Korea Strategic Cyber Partnership (SCP), agreed in 2023, and says that the growing sophistication of North Korean cyber operations — and deepening cooperation between Pyongyang and Moscow — has made bilateral cyber collaboration strategically urgent.
Under Kim Jong-un’s leadership, Pyongyang has invested heavily in cyber capabilities as an asymmetric tool of statecraft — targeting financial institutions, software supply chains and critical infrastructure. North Korea was explicitly identified in South Korea’s 2024 National Cybersecurity Strategy as its primary cyber security threat. This strategy also commits to the “development of offensive cyber defence and response capabilities”, marking a significant shift in posture.
The SCP was launched as part of the UK–ROK Global Strategic Partnership, reflecting London’s Indo-Pacific ‘tilt’ and Seoul’s expanding global outlook. Despite subsequent changes of government in both countries, the agreement has endured. For the UK, South Korea’s cyber threat intelligence (CTI) on North Korean state-linked actors is seen as a valuable asset in strengthening supply chains and defending its national infrastructure. Imports from South Korea to the UK — including electronics and industrial machinery are strategically significant, and resilience against cyber-attacks to secure UK supply chains is a material national security priority.
Drawing on extensive interviews across government, industry and academia, the study says both countries recognise each other as capable cyber powers, yet engagement remains episodic. The paper concludes that a more consistent cadence of joint activity – across deterrence, standards-setting, academia and commercial cooperation – is required to translate strategic intent into sustained impact.
Key Findings
Mutual incentives underpin continued expansion of the partnership. Momentum for further cooperation is driven by national critical cyber incidents and a mutual interest in emerging technologies, especially AI and quantum technologies. Regular high-profile cyber incidents continue to drive domestic political interest and attention on cyber security, giving the SCP momentum. The study says: “The UK and South Korea have clear motivations to continue expanding activities under the SCP, based on a mutual acknowledgement of each other’s cyber security capabilities.”
North Korean cyber activity, and Pyongyang’s increased cooperation with Russia, have reinforced shared threat perceptions. The paper states: “Increased cooperation between common adversaries Russia and North Korea has reinforced the case for closer ties between the UK and South Korea.” The report finds that information held by South Korea on North Korean cyber threat actors can inform UK agencies’ proactive defence of national cyber resilience and strengthen supply chains.
UK vulnerabilities — particularly in supply chains and connected technologies — heighten the strategic case for deeper collaboration. The report says improved SCP collaboration can help address structural vulnerabilities created by economic interdependence. It notes that: “Imports of cars, iron and steel, mechanical power generators and miscellaneous electronic goods represent 51.1% of total imports from South Korea to the UK, with a value of £2.9 billion.” This level of trade — especially in consumer electronics and industrial machinery — increases the importance of aligning cyber security standards and safeguarding connected devices.
Structural and cultural barriers constrain deeper cooperation. The report finds: “Joint public attributions [of attacks] are a primary motivation behind the SCP for the UK, but persistent challenges to conducting these demand the use of other levers and activities to advance the partnership more effectively…There are several obstacles that limit the scope and depth of the bilateral partnership, including language barriers and cultural differences in working practices.”
Key Recommendations
Sustain a higher operational tempo and expand work on cyber defence and deterrence. The report urges both countries to increase the tempo of operational engagement on cyber defence and deterrence, particularly in the light of North Korean and Russian threat activity. It says: “Increase the cadence of joint activity across four areas: information sharing, standards and policy, academia and research, and commercial partnership.”
Enhance cross-government and public–private threat intelligence sharing. The report calls for regular threat-sharing discussions across relevant agencies and recommends integrating private sector actors to leverage highly relevant cyber threat intelligence from both UK and South Korean companies.
Share best practices on responsible offensive cyber doctrine. With South Korea expanding proactive defence capabilities and the UK advancing its Responsible Cyber Power in Practice approach, structured exchanges on doctrine and legal-technical considerations are recommended. It says: “Share best practices on responsible cyber operations as both countries iterate their offensive cyber doctrine and capabilities.”
Think beyond public political attributions. While joint public attributions [of attacks] remain important, the authors recommend exploring alternat
