Banks Conduct Unannounced Cyber Penetration Testing Drills
Ransomware and DDoS Attacks Expand and Intensify
Financial Supervisory Service to Conduct Surprise Hacking Defense Checks Starting the 15th
As cyber threats such as ransomware and DDoS attacks quantitatively expand and qualitatively advance, the Financial Supervisory Service (FSS) will conduct a 'Blind Cyber Penetration Testing Drill' to safely protect the electronic financial infrastructure of domestic financial companies.
On the 14th, the FSS announced that, together with the Korea Financial Security Institute (KFSI), it will conduct a 'Blind Cyber Penetration Testing (attack and defense) Drill' targeting the banking sector from the 15th to the 21st, using white-hat hackers (ethical hackers).
The Blind Cyber Penetration Testing Drill differs from the traditional tabletop exercises, which check response systems based on pre-agreed scenarios including training targets, timing, and attack details. Instead, the drill does not disclose the training content in advance and involves unannounced actual hacking attempts by white-hat hackers (KFSI IRIS team), with financial companies defending against these attacks.
This is expected to serve as an opportunity to upgrade the practical response level of the banking sector by identifying and addressing security vulnerabilities in information systems from a hacker's perspective, in response to various cyber threats exploiting security weaknesses introduced by new technologies.
The drill involves 19 domestic banks, where the KFSI, as the incident response organization, acts as a virtual attacker. White-hat hackers (KFSI RED IRIS team) will attempt server hacking (penetration) and DDoS attacks, while banks will detect and defend against these attacks. In the case of DDoS attacks, traffic will be redirected to an emergency response center to maintain business continuity through a series of responses.
The FSS plans to assess banks' capabilities to detect and defend against sudden external intrusions through this drill and improve response procedures if necessary. The KFSI will conduct detailed implementation inspections related to this. Director Lee Bok-hyun emphasized, "Practical drills are like preventive injections against cyber threats," adding, "I hope this drill will serve as an opportunity to further strengthen the cyber threat response and prevention capabilities of financial companies."
Hot Picks Today
"Stocks Are Not Taxed, but Annual Crypto Gains Over 2.5 Million Won to Be Taxed Next Year... Investors Push Back"
- "Not Jealous of Winning the Lottery"... Entire Village Stunned as 200 Million Won Jackpot of Wild Ginseng Cluster Discovered at Jirisan
- "Jeong Yu-kyung Is a Neighbor"...Itaewon Standalone House with Record 23.2 Billion Won Appraisal Up for Auction [Real Estate AtoZ]
- "How Did an Employee Who Loved Samsung End Up Like This?"... Past Video of Samsung Electronics Union Chairman Resurfaces
- "Even With a 90 Million Won Salary and Bonuses, It Doesn’t Feel Like Much"... A Latecomer Rookie Who Beat 70 to 1 Odds [Scientists Are Disappearing] ③
Meanwhile, the FSS plans to expand the blind drill to other financial sectors in the second half of the year, together with the KFSI.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
