[Asia Economy Reporter Song Hwajeong] Although electronic intrusion incidents such as hacking in the financial sector decreased last year, service delays and other failure incidents significantly increased.
According to the '2021 Electronic Financial Incident Occurrence Status and Response Plan' announced by the Financial Supervisory Service on the 24th, there were 356 electronic financial incidents last year, an increase of 28 cases compared to the previous year. Among these, electronic intrusion incidents were 6 cases, a decrease of 9 cases, while failure incidents were 350 cases, an increase of 37 cases.
The increase in failure incidents was due to service delay cases caused by a surge in users from the increase in non-face-to-face transactions and a booming securities market, as well as consumer damages caused by program errors during the launch of new services such as next-generation system construction and open banking.
By financial sector, intrusion incidents last year were low, with 2 cases in the banking sector and 1 case in other sectors. Failure incidents were highest in the financial investment sector with 95 cases, followed by electronic finance with 95 cases, and banking sector with 81 cases.
In the financial investment sector, there were many cases where trading services were delayed or interrupted due to system resource overload caused by a sudden surge in simultaneous access by users during public offering subscription and listing. On March 19 last year, due to the public offering of SK Bioscience, investors flocked at once, causing about 70 minutes of response delay in login to Mirae Asset Securities' Mobile Trading System (MTS) and Home Trading System (HTS).
In the electronic finance sector, there were incidents of information leakage caused by program errors or hacking during the transition of MyData services to API (Application Programming Interface) methods or during outsourcing and operation of customer consultation tasks. On December 28 last year, an error occurred during Naver Financial's transition of the Naver Pay 'My Assets' service to the 'MyData' service, exposing asset information of 101 subscribers of the My Assets service to other subscribers.
In the banking sector, many failures occurred due to program errors caused by neglecting program testing and third-party verification of source codes during the launch of new services such as simple payment and open API. In the insurance sector, there were many program errors and IT equipment failures, and in the case of a specific insurance company, a failure occurred in cloud-based IT resources causing service interruption. In other sectors, most failures were due to human factors such as simple mistakes by employees during IT infrastructure operation, including incorrect application of system and IT equipment settings or security policies.
A Financial Supervisory Service official said, "We plan to conduct a detailed analysis of the causes of electronic financial incidents by financial sector and prepare customized accident prevention measures," adding, "We will strengthen cooperation with related organizations such as the Financial Security Institute to proactively prevent electronic intrusion incidents such as hacking from spreading across the entire financial sector."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
