Many of the 30 million customers of the National Agricultural Cooperative Federation, or Nonghyup, suffered inconveniences for four days from Tuesday as the bank’s computer network broke down.
It was the worst accident of its kind in Korea and fueled unease among the public over the security of online financial transactions as it came just several days after a serious hacking incident at Hyundai Capital Services Co.
The cause of the snafu is still not known. Bank officials said the shutdown of the computer system might have been caused by a notebook computer used by an employee of a subcontractor to monitor Nonghyup’s servers. The laptop computer, they said, appeared to have issued malicious orders to the servers to destroy system files.
Whether the orders were issued intentionally or by accident should be determined soon as the prosecution and the financial regulator have started their investigation. But whatever might be its cause, the case again illustrated domestic financial companies’ tendency to disregard the importance of ensuring the security of their computer networks.
For instance, the bank allowed one single laptop of a subcontractor’s employee to monitor 320 of the bank’s entire 553 servers. Nonghyup reportedly cut its budget for IT security from 7.1 billion won in 2009 to 2.3 billion won in 2010.
One small solace about the disaster is that, unlike the Hyundai Capital case, there is little possibility of the leakage of customer information.
These two incidents have seriously undermined the public’s confidence in domestic financial companies. Therefore, the financial regulator needs to check the safety of their computer systems to ease public concerns.
One thing that domestic financial institutions need to remember is that their most important capital is reputational capital. It takes years, or decades, for them to build a good reputation. But it only takes a minor blunder to have the hard-won reputation tarnished.
It was the worst accident of its kind in Korea and fueled unease among the public over the security of online financial transactions as it came just several days after a serious hacking incident at Hyundai Capital Services Co.
The cause of the snafu is still not known. Bank officials said the shutdown of the computer system might have been caused by a notebook computer used by an employee of a subcontractor to monitor Nonghyup’s servers. The laptop computer, they said, appeared to have issued malicious orders to the servers to destroy system files.
Whether the orders were issued intentionally or by accident should be determined soon as the prosecution and the financial regulator have started their investigation. But whatever might be its cause, the case again illustrated domestic financial companies’ tendency to disregard the importance of ensuring the security of their computer networks.
For instance, the bank allowed one single laptop of a subcontractor’s employee to monitor 320 of the bank’s entire 553 servers. Nonghyup reportedly cut its budget for IT security from 7.1 billion won in 2009 to 2.3 billion won in 2010.
One small solace about the disaster is that, unlike the Hyundai Capital case, there is little possibility of the leakage of customer information.
These two incidents have seriously undermined the public’s confidence in domestic financial companies. Therefore, the financial regulator needs to check the safety of their computer systems to ease public concerns.
One thing that domestic financial institutions need to remember is that their most important capital is reputational capital. It takes years, or decades, for them to build a good reputation. But it only takes a minor blunder to have the hard-won reputation tarnished.