National Tax Service 'coin leak' prevention... Government to manage 78 billion won in virtual assets

National Tax Service 'coin leak' prevention... Government to manage 78 billion won in virtual assets

Collection amount 100 times in 3 years... Leakage incidents at agencies like police and prosecutor's offices are also successive

Store in 'cold wallet' institutional wallet immediately upon acquisition... Designate dedicated organization, conduct mock drills

The government is introducing a system to systematically manage approximately 78 billion won worth of public sector virtual assets it holds.

The plan is to create specific internal regulations covering everything from acquisition to storage, inspection, and post-incident response to prevent the recent series of virtual asset leakage incidents, such as those at the National Tax Service.

On the 10th, the government approved the 'Improvement Plan for Public Sector Virtual Asset Holding and Management System', which contains these details, at an emergency economic headquarters meeting and a meeting of economy-related ministers chaired by Deputy Prime Minister and Minister of Economy and Finance Koo Yun-cheol at the Seoul Government Complex.

As of the 6th, the central government holds a total of 78 billion won worth of virtual assets through seizure and confiscation during investigation and tax collection processes. By agency, the National Tax Service holds 52.1 billion won, the Prosecutor's Office 23.4 billion won, the National Police Agency 2.2 billion won, and the Korea Customs Service 0.3 billion won. Public institutions hold 360 million won in virtual assets received as donations.

The government explained that these assets are amounts temporarily stored before final disposition, such as forfeiture or sale, or immediately after receipt and before conversion to cash, and the overall scale is fluid depending on the situation.

As the public's ownership of virtual assets increases, the government's acquisition volume is also rapidly growing. Last year, the compulsory collection amount of virtual assets was 63.9 billion won, more than 100 times higher than in 2022 (0.6 billion won).

However, leakage incidents are recurring due to a lack of awareness of virtual asset characteristics by agencies and negligent management.

In February, the National Tax Service announced through a press release that a virtual asset recovery phrase (mnemonic code) was leaked, resulting in the theft of 4 million PRTG, estimated to be worth several million won.

In the same month, the Gangnam Police Station belatedly discovered that 22 Bitcoins worth approximately 2.1 billion won, which were stored on a USB after seizure, had been leaked externally.

In August last year, the Gwangju District Prosecutor's Office lost 320 Bitcoins worth approximately 30 billion won due to accessing a phishing site during a work handover.

In response, the government decided to implement a management system covering all stages from acquisition to post-incident response.

First, virtual assets confiscated or seized from personal wallets, etc., must be immediately transferred and stored in institutional wallets, such as 'cold wallets,' where internet connection is blocked on-site. Important information such as private keys or recovery phrases issued when creating institutional wallets must be managed by two or more people in a divided manner.

For assets stored by exchanges, accounts will be immediately frozen with the cooperation of the service provider, and donated assets will be disposed of immediately upon receipt to mitigate risks.

Physical control devices such as safes and closed-circuit (CC) TVs will be installed at storage locations, and access records will be periodically checked.

In the event of a leakage incident, immediate emergency measures will be taken, such as creating a new wallet and transferring the remaining assets.

If the scale of damage exceeds a certain standard or external hacking is confirmed, the National Intelligence Service, National Police Agency, and Korea Internet & Security Agency (KISA) must be immediately notified, and the Ministry of Economy and Finance and the Ministry of Interior and Safety must be reported.

Incidents caused by regulation violations will lead to measures against those involved, including criminal charges and disciplinary actions.

Each agency will designate a dedicated management organization and personnel, provide training to responsible persons, and conduct mock leakage response drills at least once a year.

These guidelines will be distributed to each ministry, local government, and public institution starting on the 10th and will be implemented immediately.

If necessary, detailed guidelines tailored to each agency's situation will be established.