The Korea Herald

지나쌤

FSS urges ‘caution’ in financial sector

Shinhan, Nonghyup banks under FSS probe for network glitch

By Kim Yon-se

Published : March 20, 2013 - 20:32

    • Link copied

Regulators issued a “caution” to the financial industry over possible cyberattacks in the wake of a network glitch in two financial groups on Wednesday.

For several hours from around 2 p.m. on the day, two bank units of Shinhan Financial Group and three subsidiaries of Nonghyup Financial Group suffered serious problems in its online transaction systems.

The Financial Supervisory Service immediately raised the alarm level for cybersecurity to “caution” from “attention.”

The nation’s regulator also launched an inquiry into Shinhan Bank and Nonghyup Bank. The other three firms were Jeju Bank (a provincial unit of Shinhan Financial), Nonghyup Life Insurance and Nonghyup Property & Casualty Insurance.

The lenders hit by the cyberattack extended their business hours to 6 p.m. from 4 p.m. on Thursday to assuage customer inconvenience.

But the FSS said it dispatched a group of inspectors to the headquarters Shinhan Bank and Nonghyup Bank in downtown Seoul, heralding an intensive probe into the two lenders in the coming weeks.

The banks’ online service providing subcontractors have also come under investigation.

While some market observers speculated that the network glitch could be due to cyberattacks from North Korea, FSS officials stressed that the regulatory body had yet to secure the details.

An official said the probe will be focused on uncovering the factors for the breakdown, damage to customers and the banks’ countermeasures against the incident.

Meanwhile, Woori Bank’s network system reportedly defended the similar form of alleged cyberattacks on the same day.

The FSS added that no firms in the stock brokerage and credit card sectors were hit by the alleged attacks.

In an emergency briefing, the Korea Communications Commission speculated that the cyberattack was done through the distribution of malignant code, adding that it is collecting source code for further investigation.

The KCC, however, said the network failures were not caused by distributed denial-of-service, or DDoS, attacks.

By Kim Yon-se (kys@heraldcorp.com)