Korean Research Institute for Construction Policy

The Korean Research Institute for Construction Policy is a research entity headquartered in South Korea. Its specific research focus, core products, services, operational scope, markets served, scale, organizational size, reach, notable footprint, distinguishing attributes, specializations, regulatory role, sector positioning, competencies, ownership structure, and parent or subsidiary status are not detailed in the available source material.

The institute was targeted in a significant cybersecurity incident on January 25, 2023. A Chinese-language hacktivist group known as Xiaoqiying compromised the institute alongside other South Korean research and academic organizations. The attackers successfully exfiltrated data, claiming to have stolen 54 gigabytes, and defaced websites with messages indicating an invasion. Xiaoqiying utilized penetration-testing tools and proof-of-concept exploits during the attack. The group publicly shared stolen information on cybercriminal forums and claimed partnerships with other threat actors like Lapsus$. Motivated by patriotism toward China, Xiaoqiying expanded its operations to include targets in Japan and Taiwan. Following the shutdown of their Telegram channels, the group maintained activity through a clearnet website. No direct links to any government were established for this incident, with the group's non-financial focus suggesting ideological drivers were the primary motivation.