JULY 2025
A Cyberattack Severity
Classication Framework
for the Republic of Korea
By Sunha Bae
Introduction
Despite deterrence eorts, cyber threats continue to escalate, highlighting the need for greater
accountability from and cost imposition on malicious actors. The U.S. 2023 National Cybersecurity
Stratey emphasizes imposing costs on malicious actors and reinforcing alliances; the Republic of
Korea’s (ROK) 2024 National Cybersecurity Stratey also prioritizes oensive cyber defense and
global cooperation. Since 2018, U.S. Cyber Command’s “Defend Forward” policy has resulted in 40
Hunt Forward operations across 21 countries, exposing threats from major adversaries. Similarly,
the European Union’s updated 2023 Cyber Diplomacy Toolbox stresses situational awareness and the
importance of holding persistent threat actors accountable.
Attributing cyberattacks and formulating response strategies are inherently political processes shaped
by national security priorities, diplomatic relations, and geopolitical considerations. Governments
must balance deterrence with escalation risks, ensuring proportionality and international legitimacy. It
is therefore dicult to establish a single, uniform standard for response. Nevertheless, consistent policy
is necessary, as the absence of clear frameworks increases political burdens, delays decisionmaking,
and results in inconsistent responses that can confuse allies.
A national framework for classifying cyberattack severity enhances objectivity, guiding policy decisions
and facilitating mutual understanding between nations. Although South Korea has shown strong political
will to respond to malicious cyber activities, it lacks a clear legal and policy framework for response
procedures. To ll this gap, this paper proposes a Cyberattack Severity Classication Framework (CSCF) to
objectively assess and categorize cyberattacks, supporting informed decisionmaking.
