Korea Watchers and nefarious state actors
If you research and comment on South and North Korea, you’re at risk. They’re coming at you from all angles! So, how do you secure yourself and your work?
If you're a Korea Watcher, you are a target for disinformation, surveillance, espionage, and intimidation. Every second member of the tribe will tell you that North Korea’s cyber capabilities are among the most sophisticated in the world. With thousands of hackers operating under organizations like Bureau 121, the regime targets governments, corporations, and individuals - including Korea watchers. Few, however, think about the threats emanating from closer to home.
It’s not just North Korea that uses cyber capabilities to secure and control information online—democracies like Japan, South Korea, and the United States also engage in extensive digital operations. While North Korea’s tactics, such as ransomware and espionage, often make headlines, nations like the U.S. leverage programs like the NSA’s PRISM and Five Eyes networks to collect vast amounts of data on global communications, including those of allies and citizens.
Japan has ramped up its cyber defense and intelligence efforts, with critics raising concerns about surveillance exceeding its defensive mandate. South Korea, constantly vigilant against northern threats, has faced scrutiny for monitoring activists and journalists under the guise of national security. There were a few Korea Watchers who hesitated for an instant over their public postings as martial law was declared. As one Korean Watcher told me: “Being paranoid these days, is being safe!”
Countries employ their cyber capabilities not only to protect critical infrastructure and national interests but also to influence narratives and control public discourse, raising important questions about transparency, accountability, and individual privacy.
Face it, if you research and comment on South or North Korea, you’re at risk. They’re coming at you from all angles! So, how do you secure yourself and your work? Here are six steps to take:
1. Practice Operational Security (OpSec)
Compartmentalize sensitive information and research.
Use encrypted messaging apps like Signal for confidential discussions.
Regularly delete emails and files you no longer need.
2. Fortify email accounts
Use two-factor authentication (2FA) with a physical security key like YubiKey. Email is less secure; if you do use it, choose a secure end-to-end encrypted email service, such as Proton Mail.
Create complex passwords stored in a password manager like 1Password or LastPass.
Be vigilant against spear-phishing attempts.
3. Secure devices
Update your operating system and software to patch vulnerabilities. Windows and Mac with constant updates are great, but if you want to go to the next level, think about using a privacy- and security-focused Linux distribution, such as Qubes or Tails.
Use reputable antivirus software such as Bitdefender or Kaspersky.
Encrypt devices with tools like VeraCrypt.
Implement a firewall to reduce your attack surface.
4. Use a Virtual Private Network (VPN) and practice safe browsing
A VPN masks your IP address and secures internet traffic. Use trusted providers like ExpressVPN, NordVPN, or ProtonVPN to avoid surveillance.
Use secure browsers like Brave or Tor for sensitive activities.
Block ads and trackers with browser extensions such as uBlock Origin.
Avoid clicking on suspicious links or downloading unverified files.
If you have to use Gmail or Yahoo or any other standard mail service, disable images! Those little images, even ones the size of a single pixel, tell the sender where and when you read the email.
6. Compartmentalize research activities
Use dedicated devices for research and communication.
Store sensitive data on an air-gapped computer (offline).
Create disposable email accounts for temporary interactions (routinely provided on Apple devices and the Firefox browser).
Half the work of information security is done on the ground, not online. Physical security is a critical complement to cybersecurity, ensuring that sensitive information and devices are safeguarded from physical threats. Securing your workspace with locked storage for documents and robust home security systems like alarms and cameras helps deter unauthorized access. Being vigilant against social engineering attempts, such as strangers seeking sensitive information, is equally important.
Additionally, travel precautions, like using burner devices and avoiding public Wi-Fi, reduce exposure to potential risks in unfamiliar environments. If you really want to be safe, carry your phone in a Faraday bag and only take it out when you’re walking alone in a park or a forest while wearing a disguise - okay that last one was just jerking your paranoid chain, but these measures do collectively protect your research and personal safety from targeted interference.
For Korea Watchers, maintaining a robust security stance is particularly difficult. There is a dichotomy between maintaining a social media presence and practicing operational security (OpSec). This is a persistent challenge.
An online presence is often essential for professional visibility, networking, and sharing your latest insights, but it simultaneously creates vulnerabilities that adversaries can exploit. Social media platforms, by design, encourage the sharing of personal and professional information, which can be mined for intelligence, spear-phishing, or harassment. How many times have you seen Korea Watchers highlighting where they are or will be?
Balancing these needs requires carefully curated content, strict privacy settings, and compartmentalization of personal and professional accounts. While a visible online presence can amplify one’s voice, maintaining strong OpSec—such as limiting location sharing, avoiding oversharing, and monitoring one’s digital footprint—is crucial to safeguard against malicious actors, including state-sponsored threats.
Building a security-conscious network is critical. Share best practices with peers, attend cybersecurity workshops, and consult professionals for guidance. Stay updated on emerging threats by following reputable sources.
Tactics evolve constantly. Regularly reassess security measures to stay ahead of potential attacks. Investing in cybersecurity tools, limiting vulnerabilities, and staying informed can significantly reduce your risk.
Korea experts are prime targets for state-sponsored attacks, but effective preparation can make you a harder target. By adopting robust cybersecurity and operational security practices, you can protect your work and yourself while continuing your critical research. Being proactive, vigilant, and adaptable is key to staying secure in the face of determined adversaries!