South Korea’s Financial Industries Change Their Paradigms in Dealing with DDoS

Sep 13, 2017

South Korea’s financial industries have changed their stance so that they are always ready to respond to DDoS (Distributed Denial of Service) attacks. With banks at the center, there is an increasing number of financial industries that are introducing CDN (Contents Delivery Network)-based Cloud DDoS security service from foreign companies or clean zone services from South Korean telecommunication businesses for the first time.
According to financial industries and security services on the 12th, five financial companies including two banks completed signing contracts for bringing Akamai’s CDN-based Cloud DDoS security service since this past July. It is heard that two other banks are also thinking about introducing CDN-based Cloud DDoS security services. It is expected that there will be more companies that will have systems that are always ready to respond to cyber attacks.
Corresponding financial companies introduced Akamai’s website defensive service called ‘KONA SITE DEFENDER’, DNS attack defensive service called ‘FASTDNS’, and data center defensive service called ‘PROLEXIC’. Akamai provides security services that utilize CDN. Through 7 scrubbing centers and 230,000 security equipment that are dispersed worldwide, AKAMAI regularly analyzes data that are attacked worldwide.
“Our strength is responding to cyber attacks fast and accurately through security intelligence that is secured by regularly analyzing internet traffic.” said a representative for Akamai.
There is also an increasing number of financial companies that are using South Korean telecommunication businesses’ clean zone services after this past July. KT announced that five South Korean banks introduced its clean zone service for the first time after July. KT’s clean zone service protects financial industries from DDoS attacks step by step. When there is a DDoS attack, KT bypasses corresponding traffic path through defensive sinkhole and blocks DDoS attacks.
It seems that South Korea’s financial industries are getting prepared to take actions against cyber attacks regularly after a hacking group called Armada Collective threatened to attack with DDoS in this past June. Although actual attacks did not take place at that time, issue has risen when it was found out that capacity of Financial Security Institute’s DDoS shelter was only 40Gbps. Even after threats from hackers, Financial Security Institute did not increase capacity of its shelter and just replaced old DDoS defensive equipment, firewall, and L7 equipment. Although Financial Security Institute also figured out a trend for CDN-based DDoS responsive services, it drew a line by saying that it was just a part of market analysis.
“Agreements between members are needed since it costs a lot to increase capacity.” said a representative for Financial Security Institute. “Although we investigated a trend of Cloud-based CDN, it is just part of market analysis and significant amount of imperativeness is needed in order to introduce commercialized services.”
This kind of situation can be seen as having financial industries to find their own plans on their own. With Tbps-level threats and cyber attacks with capacity of hundreds of Gbps taking place, it is impossible to prevent large-scale DDoS attacks with current plans that are established. Capacity of a cyber attacked that took place last year and utilized Mirai Botnet was calculated to be 623Gbps.
“Although Financial Security Institute’s shelter can be used as a follow-up measure for DDoS, banks need to separately respond to DDoS attacks.” said a representative for a financial industry. “Discussions for plans are needed such as having Financial Security Institute be in charge of contracts.”
Staff Reporter Byun, Sanggeun | sgbyun@etnews.com & Staff Reporter Gil, Jaeshik | osolgil@etnews.com

Interpretation & Translation_Service Center

Refund Help Center