The Financial Security Institute (FSI) of South Korea has raised concerns following the global outage incident involving CrowdStrike. The FSI emphasized that South Korean financial firms need to be better prepared for digital incidents to ensure the stability of the financial system.
On Monday, the FSI held a seminar for financial companies to review their security measures. The event, which took place on Wednesday, included five security experts from banking, securities firms, and academia. They convened to discuss the necessary countermeasures for South Korea’s financial sector in response to a recent global outage incident that affected approximately 8.5 million IT devices worldwide.
Kim Chul-woong, President of the FSI, emphasized that the CrowdStrike incident highlighted the vulnerability of the entire industrial ecosystem. He underscored the importance of security preparedness, noting that, although the security damage to Korea was minimal, the potential impact on the broader system is significant.
Chi Jung-ho, Chief Information Security Officer (CISO) of Toss Securities, stressed that the recent global incident should prompt financial institutions to review their security measures. He attributed the minimal damage to South Korea’s financial institutions to the separation of their IT systems from the external internet, which shielded them from cyberattacks, and the robust security standards of their cloud services. Chi also highlighted the importance of having a systematic recovery strategy in place for security incidents.
Ahn Tae-seung, Team Leader of the Financial IT Safety Department at the Financial Supervisory Service (FSS), highlighted the need for security management and real-time verification of cloud-based software as countermeasures against future security incidents. Ahn also emphasized the importance of effective oversight of incident recovery, direct supervision of cloud service providers, and cyber incident recovery training.
“It is entirely possible that a global outage incident could recur,” said Lim Gu-rag, Head of the Cyber Response Group at the FSI. “Given the increasing importance of external software supply, such as CrowdStrike, financial firms should also consider how to respond to security concerns,” Lim added.
Related article: CrowdStrike software glitch sparks global outage: Key developments from the past week
CrowdStrike has experienced a massive system outage that has lasted for six days. The incident has had a global impact, bringing many industries, governments, and businesses around the world to a standstill. Airports, hospitals, banks, and other essential services have been affected, disrupting daily life for millions of people worldwide.
CrowdStrike is a leading American cybersecurity technology company, established in 2011, that specializes in endpoint security, threat intelligence, and incident response. The company provides comprehensive protection against cyber threats, including ransomware attacks, by leveraging artificial intelligence. With a global presence, CrowdStrike serves approximately 30,000 subscribers, safeguarding them from potential cyber threats.
The outage occurred at 4:09 AM UTC on July 19 when an invalid software patch was deployed for CrowdStrike’s ‘Falcon Sensor.’ This software runs on Microsoft Windows and monitors and detects cyber threats in real time.
In their report issued on Thursday, CrowdStrike confirmed that the outage was triggered by software crashes on Windows systems that were online between 4:09 and 5:27 AM on July 19. Interestingly, systems that were not online during this specific timeframe, as well as Mac and Linux systems, remained unaffected. The company is now working diligently to rectify the issue and prevent such incidents in the future.
During the incident, all Windows users were confronted with the dreaded ‘blue screen of death,’ a critical error that not only turns the screen blue but also causes the system to freeze. This type of error, also known as a “bug check,” signals a system crash, indicating that Windows has reached a state where it can no longer operate safely. Consequently, this widespread system failure rendered users unable to use Microsoft products, causing significant disruption and inconvenience.