"Efforts Needed to Prevent Ransomware"… Financial Supervisory Service Holds "Financial IT Risk Response Measures Meeting"

Precautions for Responding to IT Risks Shared
Case Studies of Incidents Discussed

The Financial Supervisory Service recently discussed measures to strengthen the security of IT systems in the financial sector in response to recent ransomware infection incidents.

On August 21, the Financial Supervisory Service announced that it held a "Financial IT Risk Response Measures Meeting" for 458 financial institutions and others conducting electronic financial business under the Electronic Financial Transactions Act. During this meeting, cases of ransomware and other security breaches, as well as IT system failures, were shared, and key precautions for preventing recurrence were communicated.

The Financial Supervisory Service explained that its recent analysis of security incidents in the financial sector identified security vulnerabilities in external access devices such as SSL-VPNs as major targets of attack. In particular, the agency emphasized that when outdated equipment with discontinued manufacturer support is still in operation, or when SSL-VPN devices are directly connected to the internet, insufficient security measures for external access infrastructure significantly increase the risk of breaches. Therefore, immediate reinforcement of security controls is necessary.

Based on these findings, the Financial Supervisory Service provided participating financial institutions with guidelines for responding to IT risks, including strengthening network and system access controls and regularly backing up and enhancing recovery systems for critical data. The agency also urged comprehensive efforts to prevent security breaches and system failures.

This meeting is expected to help each financial institution assess its ability to respond to cyber threats and strengthen its foundation for taking swift action in the event of an actual incident.

The Financial Supervisory Service stated, "Starting in the second half of the year, we plan to focus on inspecting response systems for ransomware and other cyber threats, as well as the current status of backups for recovery in case of IT system failures, in order to enhance the safety and reliability of the financial sector's IT operations."