Incident Response Training Procedures Conducted by the Financial Security Institute Photo by Financial Security Institute
[Asia Economy Reporter Song Seung-seop] The Financial Security Institute announced on the 16th that it plans to conduct breach incident response training this month targeting 188 financial companies and electronic financial service providers.
According to the Financial Security Institute, this year's training will focus primarily on response drills for DDoS, server hacking, and APT attacks.
In the case of DDoS attacks, realistic training will be conducted by identifying cyber threat cases exploiting the increased remote work situation due to COVID-19. Since August last year, the financial sector has continuously experienced ransom DDoS attack techniques demanding virtual assets such as Bitcoin along with service disruption threat emails. The Financial Security Institute plans to analyze and reconstruct the attack techniques used in ransom DDoS attacks and incorporate them into the training.
For server hacking attacks, the focus will be on vulnerabilities in cloud automation management programs and remote access conducted during remote work. They are closely monitoring the increase in attacks exploiting vulnerabilities in open-source management programs that monitor and update server status in data centers or cloud environments. It is also known that accounts used to access company internal systems from outside are being stolen and sold on the dark web.
Regarding APT (Advanced Persistent Threat) attack response training, a new training system will be introduced to respond to new attack types and evolving cyberattacks targeting the financial sector due to digital transformation. The ability to detect, respond to, and recover from email malware will also be checked and inspected. Blind simulation training, where the attack time and method are not disclosed to participating financial companies in advance, will be expanded.
The training involves the Financial Security Institute executing attacks on financial company servers and employees, while the financial companies respond by detecting, blocking, and recovering from the attacks. Financial companies send attack and response log analyses to the Financial Security Institute, which reviews and sends back improvement suggestions. Technical support related to response and recovery during training is also provided.
Kim Young-gi, head of the Financial Security Institute, emphasized, “As digital transformation in finance progresses, cyber threats are increasing, and cyberattack techniques are becoming more advanced and intelligent. We will support the safe protection of financial consumers using electronic financial services through realistic breach incident response training that reflects the latest cyber threats and attack techniques.”
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
