[비즈한국] Technology often crosses borders quietly, tucked away in someone’s bag on their way home from work. Research achievements built up over decades and national strategic technologies disappear inside a few printed pages or a USB memory stick. While dozens of technology leakage incidents are uncovered every year, the full picture remains only partially revealed. Through this series, 'Tech Spy,' Bizhankook reconstructs the moments of leakage based on actual cases.
Over the past five years, the estimated damages to domestic industries from overseas technology leaks have reached 23.27 trillion won. According to data from the office of Representative Kim Dong-a of the Democratic Party of Korea, 33 national core technologies and 105 industrial technologies were leaked between 2020 and June 2025. By industry, these occurred in semiconductors (52 cases), displays (28), electrical and electronics (9), automobiles (9), and shipbuilding (5). This indicates that the issue is no longer limited to specific industries but has become a structural risk piercing through the entirety of the nation's key industrial sectors.
Although methods have evolved, 'people' remain at the center. According to the National Police Agency, over 80% of leak cases involve internal personnel, including former or current employees. Whether it is job hopping, internal leaks by current employees, or broker-involved poaching, the core is the movement of human resources. At the same time, tracking has become more difficult as indirect, legally disguised leaks that utilize investment structures—such as establishing joint ventures (JV), minority equity investments, and overseas R&D centers—are on the rise.

Tech Theft: From Individual Deviance to National Strategy
Industrial technology refers to technical information necessary for the development, production, supply, and use of products, and is designated according to relevant laws. Among these, technologies that would significantly impact national security and the national economy if leaked overseas are separately designated as national core technologies. Currently, 76 technologies across 13 fields, including semiconductors, displays, electrical and electronics, automobiles, railways, and shipbuilding, are managed as national core technologies.
Last year, the National Office of Investigation of the National Police Agency identified 179 crimes related to overseas technology leaks, including 8 cases of national core technology leakage, and apprehended 378 individuals throughout the year, including a 100-day intensive crackdown. While each case, such as disillusionment over missed promotions or compensation gaps, might appear to be an act of individual deviance driven by specific motives, the recent confirmation of organized targeting shows the scope of the impact is expanding.
The semiconductor field, where global technological competition is most intense, is a representative industry that has been suffering from technology leaks for over a decade. The cases related to China's ChangXin Memory Technologies (CXMT) prosecuted by the prosecution are considered typical examples. CXMT is China's first and only DRAM semiconductor company, established in 2016 with approximately 2.6 trillion won invested by the Chinese local government.

The prosecution's investigation revealed that immediately after its establishment, CXMT formulated a meticulous plan to systematically recruit domestic personnel and secure core technologies to develop DRAM. Five key individuals, including a former Samsung Electronics005930 executive who became the head of development at CXMT, along with five development team leaders, organized the theft of 18nm DRAM process information from Samsung Electronics over six years starting in 2018. It was also confirmed that some illegally obtained national core technology for DRAM processes through SK Hynix000660 suppliers.
Investigative authorities believe this led to China's success in mass-producing 10nm-class DRAM—a record that is the first for their nation and the fourth in the world. The prosecution estimated that Samsung Electronics suffered approximately 5 trillion won in lost sales due to the illegal leak. Considering the scale of the domestic semiconductor-related industry (20.8% of total exports), the future damage to the national economy is expected to reach at least tens of trillions of won.
Where Do the Limits of Legal and Investigative Systems Come From?
While technology theft is intensifying in terms of organization and scale, surpassing competition between companies to become inter-state competition, criticism persists that the levels of punishment and management systems are inadequate compared to the scale of damage.
The prosecution that investigated the CXMT case also pointed out that under the current Industrial Technology Protection Act, prison sentences are not severe, and even when a custodial sentence is handed down, there are difficulties in recovering proceeds from the crime. Prosecutor Park Sung-hyun stated in a briefing at the time, "Although there are more cases where custodial sentences are given for technology leakage crimes recently, the sentencing level is still low compared to the damage to companies. Since they receive the price of technology theft as a salary, there are difficulties in determining the scope of criminal proceeds and enforcing forfeiture." Civil remedies are also limited. Although South Korea has attempted to strengthen the system by increasing the limit for punitive damages to five times, it is not easy to utilize in practice under a structure where the plaintiff must prove the exact amount of damages.

South Korea has a multi-agency decentralized structure involving the National Intelligence Service, the police, the prosecution, and the Korean Intellectual Property Office. Lim Jae-kang, a former professor of police administration at Kyungwoon University, diagnosed in a paper published last month in the journal 'Criminal Policy Research' that "While it may appear to have potential strengths on the surface through a decentralized structure with multiple agencies, it has weaknesses such as the absence of a permanent integrated platform for information sharing, insufficient technology recovery mechanisms, and the lack of a permanent, dedicated investigative system." There is also a statistic showing that the acquittal rate for industrial technology leakage cases is more than 11.5 times higher than the overall acquittal rate for all criminal cases (3.0%).
In contrast, the United States operates an FBI-centered integrated investigative system, minimizing bottlenecks from the start of an investigation to indictment through the 'IPR Center,' an investigative coordination platform where 21 agencies are organically linked. Germany is also trending toward separating intelligence and investigation while strengthening their cooperative systems.
Former Professor Lim explained, "Under the current system, information sharing between other agencies and the National Intelligence Service is limited to a cooperative level, and the absence of a legally binding information-linking platform limits the early detection of threat signals."
The amendment to the Espionage Act in the Criminal Act, set to take effect on September 13 this year, is drawing attention as a clue for partial improvement. Expanding the scope of application from the existing focus on 'enemy states' to 'foreign countries and foreign organizations' is a measure aimed directly at industrial spies. However, room for interpretation remains, such as whether corporate technology falls under 'national secrets' and whether foreign companies fall under the scope of application. An official from the office of Representative Park Sun-won of the Democratic Party of Korea, who co-proposed the bill, said, "We have established a large framework for punishment grounds through the revision of the Espionage Act, and we are pushing for supplementary legislation through a revision to the National Intelligence Service Act regarding specific regulations on which agencies will be in charge of this and how they will respond in detail."
The National Intelligence Service Act amendment, jointly proposed on March 17 this year by Representative Park Sun-won's office and Representative Lee Sung-kwon of the People Power Party, includes expanding the scope of the National Intelligence Service's duties, which previously stopped at 'industrial and economic information leakage' and 'defense industry infringement,' to 'economic security' and 'cyber security.' The specific tasks of the National Intelligence Service are specified as supply chain stabilization, strengthening competitiveness in materials, components, and equipment, and the protection of national resources and high-tech strategic industries. The amendment recently passed the National Assembly Intelligence Committee, and follow-up discussions are underway.
'Delicate Design' Rather Than 'Total Blockage': Changing the Security Paradigm
The dilemma on the corporate front is that "it must be stopped, but it cannot be stopped entirely." Not only large corporations but also small and medium-sized enterprises are pushing for security investments and the advancement of leak prevention systems, but the limits of personnel management are structural.

Motivations for leaving include not just salary gaps, but also research environments, freedom of research, and a sense of career stagnation. Furthermore, there is still a culture where companies are uncomfortable reporting damages to investigative agencies. Concerns that secrets might be exposed further during the investigation process, damage to corporate image, and distrust of investigation results work in a complex manner. An industry official said, "Since it is a matter related to technical information, there are situations where corporate damage reporting is delayed." Given that delays in reporting make evidence preservation and blocking diffusion more difficult, this itself can become a security risk. A large company official stated, "Companies holding national core technologies are affected even in general business activities because the criteria for core technologies and personnel are ambiguous. There are parts that are difficult to speed up in global business."
Jang Hang-bae, a professor of industrial security at Chung-Ang University, suggested that the government and companies should actively shift the paradigm of their security systems. Professor Jang pointed out, "Currently, we are taking an approach of controlling everything collectively without properly evaluating the importance of the subjects to be protected. This method lowers research efficiency, and researchers themselves only feel frustration in their work without knowing which data is truly important." He explained that even for national core technologies, an efficient security system should be operated through grading based on risk in the event of a leak.
He added, "We must grade technology and human resources according to importance and impact, and build a granular management system. It must be supported by mutual complementary efforts where the government provides effective guidelines and companies apply them to the field."
The campaigns and SPC networks operated by the FBI are contributing to creating a culture where companies voluntarily report technology leakage threats and cooperate with investigative agencies. It is virtually impossible to prepare for all situations, such as increasing novel methods like broker intervention and disguised employment. Professor Jang emphasized, "Along with improving the human resource management system, we must be wary of the false perception that 'the equity of the technology lies with the researcher' and also advance security culture among researchers and engineers so that they do not consider security a secondary value."