South Korea Probes Possible Cyberattack on Large Bank
Authorities in South Korea are probing a large system failure at a popular bank, trying to determine whether the incident was an error or a cybercrime that could be repeated elsewhere in the country where business leans largely on electronic transactions.
Problems at the National Agricultural Cooperative Federation began on April 12 and lasted for several days. During that time, customers were blocked from online and automated teller machine transactions. While some services have returned, issues persist with access to credit card information.
The incident has generated 300,000 complaints and prompted pledges of compensation to the agricultural lender's customers as its affected network gets up to speed again this week, local media said.
The South Korean central bank and Financial Services Commission will help prosecutors by doing a week-long investigation into the system failure, a commission spokesman said.
"This is quite new to South Korea," said J. Ernst Lee, a spokesman for the Financial Services Commission. "We have never seen damage on this scale. We don't want this case to drag on."
It's too early to tell what happened or how to the federation's system, Lee said. He declined to give details on how the investigators would dig into the case or how many people would be assigned to it. There are no tentative findings yet, Lee said. "We are open to all possibilities," he said.
The network crash was initiated by a laptop computer with access to the bank's network, Korean media quoted prosecutors as saying. The laptop apparently reached the bank's server through a system username that had control over electronic transactions.
Officials at the bank of 5,000 branches could not be reached for comment on Tuesday, but local media have quoted bank officials saying they were hacked.
South Korean officials, who are also probing a separate incident described by local media describe as a leak of client data from Hyundai Capital, worry that attacks could occur at other financial institutions.
Similar incidents occur periodically outside South Korea, usually due to "stolen laptops" or "rogue employees," said Suresh Ramasubramanian, an Internet crimes expert and coordinator of the Asia Pacific Coalition Against Unsolicited Commercial E-mail.
Companies can often avoid losses by giving multiple employees access to the same system information so that no single person can control it, Ramasubramanian said.
South Korea may face more danger than other countries because it is a particularly wired society, to a point where face-to-face verification is sometimes bypassed, said Steve Yi, chief strategy officer with the marketing firm Grey Group Korea.
"As long as you have the right information, you can pretty much be anybody," Yi said.