Korea remains vulnerable to cyber attacks due to a variety of factors from the lack of experts to the absence of coordination. Computer specialists at the Korea Information Security Agency on watch during the height of cyber attacks in their office in Garak-dong, southern Seoul, last week.
/ Korea Times |
By Kim Tae-gyu
Staff Reporter
The first financial tsunami, caused by a capricious investment banking system and sub-prime mortgages in Western countries, appears to be ebbing.
But experts worry that a second one may flood financial outfits at any time soon, generated not by the actual-world events but by the virtual-world assaults.
The recent wave of distributed denial-of-service (DDoS) attacks in the United States and Korea prompted market observers and even bureaucrats to raise such concerns.
Scores of government and banking Web sites were shut down last past week by unidentified cyber terrorists, who exploited tens of thousands of zombie computers.
``Even the primitive and simplistic DDoS attacks have successfully disrupted the country's online banking system although customers' money was protected this time around,'' Korea Information Security Agency (KISA) official Yoo Jin-ho said.
``What if more sophisticated and intensive schemes are launched to hit the whole system? If we are not ready, this could disrupt Internet banking trading, thus spawning another financial crisis,'' Yoo said.
Ever since online banking was introduced in 1998, the total amount of Web-enabled transactions has snowballed to break through the 1 quadrillion won mark last year.
AhnLab Vice President Cho Si-haeng concurs with Yoo. Cho leads the research center of the country's foremost anti-virus program developer.
``Those accidents featured in some scientific-fiction movies can be realized in the not-so-distant future should we turn a blind eye to online security. I mean that money in my account may be transferred to that of others,'' Cho said.
``Because the evil side, or malicious codes, continue to evolve, the good side also has to progress. The cat-and-mouse game will keep going and we don't have the luxury of being complacent with just a one-off investment,'' he said.
Prof. Chung Tae-myung at Sungkyunkwan University took issue with Web sites of brokerages houses.
``When online banking services are not available, people may visit the branches of lenders. In other words, there is an alternative for the banking services,'' Chung said.
``For stock transactions, however, a delay of just a second may result in huge damages. I am concerned that the DDoS assaults may head toward securities firms next time,'' he said.
Too Late to Close Stable Door?
The unprecedented cyber attacks pulled the carpet from under the feet of the complacent Korean financial policymakers who were not wary of cyber attacks.
For an example of complacency, the financial regulator had local banks subscribe to 2 billion won worth of insurance in preparation for any damages related to hacking or other cyber extortions.
The minimum requirements are much less for other financial outfits ― 1 billion won for card issuers, 500 million won for brokerages and a mere 100 million won for insurers.
``The financial damages associated with hacking will increase. In this sense, the insurance money is too small,'' AhnLab's Cho said.
Surprised by the latest DDoS attacks, the Ministry of Strategy and Finance (MOSF) has drawn up various measures such as setting up a security center by this December.
In addition, the ministry plans to establish a smart system that can identify DDoS attacks as well as recruiting online security experts in the near future.
But watchers claim that such steps are too late and too weak.
``The MOSF intranet was hacked early last year. I don't know what the ministry learned from the incident. In my view, the warning flag was raised back then but the ministry did not acknowledge it,'' said a Seoul analyst who declined to be named.
``The ministry is required to recognize how devastating an effect cyber attacks can have on the economic system and should create much more comprehensive policies,'' he said.
As of Sunday, the DDoS attacks subsided. Headed by the state-backed KISA, the Seoul administration is trying out to identify the cyber terrorists behind the scene.
Yet, similar troubles or more sophisticated DDoS attacks can take place any time, Internet pundits warn.
voc200@koreatimes.co.kr
|
'600만명 학살 지휘' 잔인한 인물의 뒷얘기 공개
