Analysis of 6.16 Million Electronic Intrusion Attempts... 35.9% Decrease
All 18 Large-Scale Ransom DDoS Attacks Successfully Defended
Threat of Variant Attacks Remains "Too Early to Relax" Warning Issued
[Asia Economy Reporter Song Seung-seop] "We are planning a DDoS attack (an act that overloads a site or server). If you do not want this, send Bitcoin to this address." In August last year, a DDoS attack aimed at extorting money was launched against three domestic banks. The financial institutions immediately activated their internal Intrusion Prevention Systems (IPS) and responded according to their manuals. Excessive traffic was rerouted to the 'Cloud Shelter' operated by the Financial Security Institute. Although the attack lasted for 2 to 3 hours, the damage was limited to some systems temporarily slowing down.
Despite the acceleration of digital non-face-to-face finance, electronic intrusion attempts have been found to have decreased. It is analyzed that the digital response capabilities of financial companies have improved due to the introduction of advanced security technologies, cooperation with related organizations, and increased security awareness among internal staff.
According to the Financial Security Institute on the 17th, the number of electronic intrusion attempts analyzed at the end of last year was 6.16 million, down 3.46 million (35.9%) from 9.62 million a year earlier. Electronic intrusion attempts refer to cyberattacks such as hacking, DDoS, and ransomware, unlike physical attacks. During the same period, the number of responses to electronic intrusion attempts also slightly decreased from 2.74 million to 2.37 million.
Phishing sites that create websites similar to those of financial companies to steal personal information were detected 40,000 times. Phishing sites had sharply increased from 18,000 in 2018 to 50,000 in one year but have since decreased. The number of analyzed malicious codes distributed through links or illegal applications (apps) has also been on a downward trend every year. Last year, there were 31.43 million cases, 10.43 million (24.9%) fewer than the previous year's 41.88 million, and 14.84 million (32.0%) fewer compared to 46.27 million in 2018.
Last year, there were a total of 18 large-scale ransom DDoS attacks targeting financial companies, all of which were successfully defended. Ransom DDoS is a cyberattack that takes corporate websites hostage and demands money such as Bitcoin by threatening with DDoS attacks.
Financial Sector Security Capabilities Improved but "Still Too Early to Relax" Voices
There were 24 cases where intrusion attempts led to incidents such as disruption or paralysis of electronic financial infrastructure, which became subjects of investigation and analysis by the Financial Security Institute. This is a slight increase from 22 cases in 2019 but generally a decrease compared to 32 cases in 2018.
It is an evaluation that the overall cyberattack response capabilities of the financial sector have improved. Financial companies are investing their own budgets to introduce various advanced security technologies. Many financial institutions, including KB Kookmin Bank, have eagerly applied 'FakeFinder' to detect malicious apps. FakeFinder uses artificial intelligence (AI) technology to detect all apps that deviate from the whitelist of normal apps. Shinhan Bank and Toss have installed 'AppSuit,' which prevents hackers from tampering with or hacking apps. Hana Bank has applied 'WhiteBox,' which implements encryption by applying its own security code, making it impossible to steal PIN numbers or QR codes.
The Financial Security Institute has established a shared information system for voice phishing fraud across the entire financial sector and promoted linkage with the abnormal financial transaction information sharing system. It conducted 534 intrusion incident response drills targeting 189 domestic financial companies and linked emergency response centers with 73 companies.
The Financial Security Institute is also operating a DDoS attack response system that links its own emergency response center with the cloud DDoS shelter. It defends by rerouting traffic volumes that are difficult for financial companies to handle independently. Using this system, it is possible to block large-scale DDoS attacks of up to 5 terabits per second (Tbps).
However, there are also concerns that it is too early to be complacent. Although the number of cases has decreased, targets have become more sophisticated, and there is a possibility of variant attacks by hacker groups. The Financial Security Institute has also analyzed that new threats include employee account leaks, attacks on virtual facility network equipment, and software supply chain attacks. A Financial Security Institute official warned, "DDoS attacks tend to occur more frequently in odd-numbered years," adding, "The scale is currently increasing."
Although the defense capabilities of financial companies and institutions have increased, 'Smishing' targeting financial consumers remains rampant. Recently, calls and texts exploiting the COVID-19 situation have surged. Especially since the qualification conditions, specific methods, and interest rates for product applications are detailed, consumers find it difficult to judge whether it is phishing, so special caution is required.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
