'Blind Simulated Hacking' Drill Until October 31
Drill Period Extended Significantly from One Week to Two Months
Emphasis on Financial Consumer Protection... Thorough Cyber Response
The Financial Supervisory Service announced on September 3 that, in cooperation with the Financial Security Institute, it will conduct a 'blind simulated hacking (attack and defense) drill' across the entire financial sector from September 4 to October 31.
The drill will be carried out by launching surprise attacks without prior notice of the date and target, in order to assess the hacking detection and defense systems of financial companies.
The purpose of the drill is to encourage even those financial institutions not selected as attack targets to make preparations and remain vigilant, so that they can independently review and strengthen their own incident response systems.
Last year, six out of 19 banks were tested in the first half, and 12 out of 83 companies in the secondary financial sector and generative artificial intelligence (AI) sector were tested in the second half. Vulnerabilities were found in some companies and were immediately addressed.
This year, both the scope of targets and the duration of the drill have been expanded, in light of the continued occurrence of hacking and other security incidents both within and outside the financial sector.
The drill will now cover the entire financial sector. While only four sectors participated last year, this year capital companies, savings banks, mutual finance, and electronic finance have been added.
The duration of the drill has been significantly extended from one week last year to two months this year.
The number of attack drills has increased, while the number of financial companies targeted in each attack has been reduced, in order to enhance the intensity and focus of the training.
On-site drills will be conducted for financial institutions that have frequently experienced breaches of external virtual private networks (VPNs). The likely targets for on-site drills include SGI Seoul Guarantee Insurance, Welcome Financial Group, and Lotte Card, all of which have recently experienced cyber incidents.
White hat hackers from the Financial Security Institute (ED IRIS team) will attempt server hacking (penetration) and DDoS attacks. Financial companies are expected to detect and defend against these attacks, and in the case of DDoS attacks, to redirect traffic to an emergency response center to maintain business continuity.
During on-site drills, a thorough review will be conducted to determine whether vulnerable network ports are open to the outside, whether administrator settings for external access infrastructure are properly configured, and whether security updates are being appropriately managed.
The Financial Supervisory Service aims to use these drills to assess the detection and defense capabilities of financial companies against external intrusions, and, if necessary, to share key findings with the financial sector to improve response procedures.
The Financial Supervisory Service also plans to further advance its measures for monitoring and improving cyber risk response. In addition to the two-month blind simulated hacking drill, it will conduct an incident response drill in December and promote the establishment and operation of an integrated monitoring system (FIRST). It will also utilize the security vulnerability reporting reward program, which has been in place for three months since June.
A representative from the Financial Supervisory Service stated, "While we will continue to strengthen cooperation with the government and related agencies, we will also develop supervisory measures to enhance the security capabilities of financial companies and the safety of information technology (IT), in line with the evolving digital financial environment."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
