South Korea’s National Cyber Security Center (NCSC) has increased the national cyber threat level following a significant fire at a government-operated data centre, raising concerns about the potential for cyber attacks amid ongoing recovery efforts.
The fire, which broke out Friday evening at the National Information Resources Service (NIRS) facility in Daejeon, led to the shutdown of hundreds of government digital systems. The NIRS is one of three main government data centres supporting the country’s digital infrastructure.
According to The Guardian’s report, the incident began during the relocation of lithium-ion batteries from a server room, when one battery ignited and the fire spread to other batteries and nearby servers. Firefighters managed to extinguish the blaze after nearly a full day. One worker was treated for minor burns.
According to The Korea Herald, authorities responded by shutting down 647 government-operated systems to prevent further damage.
The outage affected a wide range of public services, including government email, internal communication platforms, mobile identification, postal banking, and citizen complaint systems.
Schools lost access to student records, tax filing deadlines passed without system access, and real estate transactions were delayed due to unavailable digital verification.
Some hospitals and transport terminals also faced disruptions, particularly for citizens without physical identification.
On Sept. 29, the National Cyber Security Center, part of the National Intelligence Service, raised the cyber threat alert from “attention” to “caution.” Officials cited the risk that malicious actors could exploit vulnerabilities as restoration work continues.
By Tuesday afternoon, authorities reported that 89 of the affected systems had been restored, including key government portals and identity verification services. However, 96 systems were reported as completely destroyed.
The process of transferring these systems to a backup facility in Daegu is expected to take up to four weeks, extending disruptions into the Chuseok holiday period in early October.
President Lee Jae Myung addressed the incident at a crisis meeting, expressing concern over the lack of backup systems.
“This was a foreseeable incident, yet there were no countermeasures. It’s not that the measures failed to work – they simply did not exist,” he said, as reported by Korea JoongAng Daily.
When pressed on backup protocols, officials were unable to provide clear answers, prompting further scrutiny of contingency planning.
The fire has drawn comparisons to a 2022 incident involving a lithium-ion battery fire at Kakao, which disrupted digital communications nationwide.
Following that event, lawmakers introduced requirements for redundancy and equipment spacing in data centres and among internet service providers.
For the insurance sector, the incident highlights the importance of comprehensive cyber risk coverage and business interruption policies.
