From
Send to

Financial firms ordered to report cyber security

April 15, 2011 - 19:10 By 김연세
Task force to launch crackdown


The financial authorities have embarked on an initial inquiry into the cyber security systems of all financial companies in the aftermath of the recent security lapses at Hyundai Capital and Nonghyup.

“Since April 11, we have been conducting an IT security inspection ― in written form ― into all financial service companies,” the Financial Services Commission said in a statement Friday.

Furthermore, a task force specifically aimed at bolstering the security of the information technology sector in the financial industry is to be formed soon, the regulatory body said.

FSC also said that ― after the paper-based probe ― each financial sector, such as banks and loan issuance firms, will also be subject to the on-the-spot probe of the coming task force starting late this month.

The task force will be composed of the FSC, the Financial Supervisory Service, relevant ministries and IT specialists in the private sector.

“Based on the coming one-month inquiry, we will map out measures to strengthen IT security which could prevent companies from suffering financial accidents (including hackers’ attack),” the FSC said.

In a move to maximize the efficacy, the regulator is also considering cooperating with the National Intelligence Service, the Korea Communication Commission, and the Ministry of Public Administration and Security.

The stern regulatory action comes amid the ongoing situation under which Nonghyup, also called the National Agricultural Cooperative Federation, underwent an unprecedented breakdown in network systems this week.

Nonghyup, whose financial customers reach about 30 million, suffered a significant problem within its online transaction systems for the four-day period from Tuesday to Friday.

While there were two sets of speculation ― the systems could have been hacked or intentionally destroyed by one or more employees ― for the factor, the prosecution as well as financial regulators have already launched separate probes.

In addition, the Bank of Korea said Friday that it would also join the Nonghyup inquiry as early as next week in coordination with financial regulators.

Meanwhile, regulators are also investigating Hyundai Capital, which suffered a cyber attack whereby personal information of about 420,000 customers and passwords of 13,000 were hacked.

According to a report by Rep. Lee Sung-heon of the Grand National Party, many financial companies failed to abide by regulatory instructions on cyber security last year.

Though regulators call for them to set aside IT security funds equivalent to at least 5 percent of their total IT sector budget, only one ― Shinhan Bank ― out of the seven major commercial banks has met the requirement.

Nonghyup posted the 2-percent level in the ratio of IT security spending to the total IT budget, the report showed.

As part of its move to raise the level of oversight, the financial authorities plan to take the currently non-binding “5-percent rule” into serious consideration when they assess financial companies.

By Kim Yon-se (kys@heraldcorp.com)