Officers from the National Police Agency's Cyber Terror Response Center examine computer hard drives damaged by Wednesday's cyber attack on banks and TV stations at the center's office, Seoul, Thursday. / Yonhap
Securities tightened but concerns linger
By Kim Rahn
Public concerns are growing over the network security systems of banks and other financial firms following Wednesday's cyber attack, which paralyzed the computer networks of three banks and three TV stations.
Such worries are reasonable as cyber attacks on financial companies can cause huge economic damage to clients if hackers take money from their online accounts or misuse their personal information.
The related authorities have heightened security levels and are monitoring the situation. However, people doubt the effectiveness of those measures, as such cyber attacks are becoming more frequent.
Under attack on Wednesday were the Shinhan Bank and its sister Jeju Bank, Nonghyup Bank, and Nonghyup Financial's two insurance arms. They experienced interruptions in their electronic transaction systems, including Internet and mobile banking and automated teller machines.
The network shutdown was repaired in about two hours. The firms said no financial damage to clients has been reported because the attack didn't damage their main servers. They also said they would compensate customers if such damage was found.
The financial authorities are on alert.
The Financial Supervisory Service (FSS) organized an emergency countermeasure team to investigate the incident. FSS Governor Choi Soo-hyun said the agency would look into whether financial firms have abided by related rules, which oblige them to employ at least 5 percent of their workers in IT positions and 5 percent in security-related jobs.
The Financial Services Commission is also monitoring the situation, not ruling out the possibility of a further attack in the next few days, which are paydays for most companies.
Not only the targeted banks but others have strengthened their security levels, and are checking their networks.
Despite such countermeasures, there is criticism that the authorities and banks failed to properly manage their security systems.
It was the second attack on Nonghyup ― in a 2011 case, almost all transactions were suspended for three days and it took a month for a full restoration of the system. Some transaction records were never recovered. The bank then said it would spend 500 billion won to strengthen its security system, but was unable to prevent the latest attack.
Other banks took their own measures immediately after the attack was reported, but the most workers could do was pulling the LAN cables from their computers.
Security-related institutes have warned about various types of hacking of financial firms for years, but banks have ignored such warnings.
Last year, the Korea Institute of Finance and Financial Security Agency issued reports about the advanced persistent threat (APT)-type attack, which is believed to be the method of Wednesday's incident. They said such attacks are becoming widely used and Korean financial firms should adopt preventive measures.
Experts say a growing number of cyber attacks are made on financial companies, targeting money.
"Hackers attacking Korea, usually those from China or North Korea, used to target game cyber money. But, as regulations have been enhanced on cyber money, they are eyeing real banks," said Lim Chae-ho, a professor at KAIST Graduate School of Information Security.
He said Korea is becoming tempting prey because online transactions are very well-developed here. "Although there has not been a case yet where hackers actually steal money from bank accounts, there will be. I guess hackers are studying Korea's online financial systems and they will soon find unguarded spots."
Lim said both the authorities and banks are neglectful in cyber security and lack systematic management, failing to continuously monitoring online systems. "Their security system, if assessed as a grade, stands at C or D," the professor said.