Errors Also Occur in Electronic Financial Service Design, Implementation, and Testing
Photo by Getty Images Bank
In the first half of this year, a DDoS attack targeted the domain name system (DNS) operated by an external vendor of A Savings Bank. As a result, users were unable to obtain the necessary IP addresses to use the services, causing disruptions in internet banking and smart banking.
According to the Financial Supervisory Service on the 6th, there were a total of 197 electronic financial incidents reported during the first half of 2023. Among these, 194 incidents involved system outages or delays lasting more than 10 minutes due to program errors, and 3 incidents were electronic intrusions such as DDoS attacks. Compared to the second half of last year, this represents a 10% decrease.
There were cases where securities firms’ HTS and MTS services were interrupted or delayed due to insufficient capacity of facilities, or some consumers experienced inconvenience in currency exchange and insurance premium withdrawals due to program errors.
Incidents also occurred where errors during the design, implementation, or testing phases of electronic financial service programs led to consumer damages.
At B Securities, a stock trading program error caused already sold stocks to be incorrectly displayed as remaining in accounts, leading customers to sell additional stocks. C Insurance Company, during a complete overhaul of its IT system, omitted insurance premium settings, resulting in customers being overcharged without applicable discounts.
There were also cases where some small and medium-sized financial companies with relatively weak security were subjected to DDoS attacks, causing intermittent service delays.
On the 6th, the Financial Supervisory Service held a third-quarter IT standing consultative meeting with a total of 269 financial companies to share cases of electronic financial incidents and discuss measures to ensure electronic financial security.
The Financial Supervisory Service stated, "It is necessary for the Chief Information Officer (CIO) of financial companies to take the lead in thoroughly reviewing IT work processes and preventing incidents," and added, "We plan to distribute guidelines to strengthen financial IT security, which will encourage an overall improvement in internal control levels of financial IT." They also announced, "strict measures will be taken against cases where electronic financial incident reporting is neglected or safety obligations are not complied with, resulting in incidents."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
![Clutching a Stolen Dior Bag, Saying "I Hate Being Poor but Real"... The Grotesque Con of a "Human Knockoff" [Slate]](https://cwcontent.asiae.co.kr/asiaresize/183/2026021902243444107_1771435474.jpg)
