Authorities launch investigation into network failure of Nonghyup

The prosecution and financial regulators began their investigation into the unprecedented breakdown in network systems of the National Agricultural Cooperative Federation, or Nonghyup.

While the number of Nonghyup customers comes to about 30 million, the bank suffered a significant problem within its online transaction systems for the three-day period ending Thursday.

More seriously, the bank said it has failed to uncover factors for the breakdown.

There were two speculations ― the systems could have been hacked or intentionally destroyed by one or more employees. But nothing has yet to be clearly revealed as of 4 p.m. Thursday.

Nonghyup made a public apology and gave detailed explanation of the affairs during a press conference Thursday. The bank said that the exact cause of the incident should be identified through the authorities’ investigation.

Nonghyup alleged that the breakdown started from the laptop computer of an employee, who works for the bank’s subcontractor.

The bank also argued that it has no choice but to suspend all of its systems due to a code causing problems in the employee’s computer. But the employee reportedly insisted that he had not entered the code into his notebook computer.

Nonghyup has seen its network systems, including Internet banking and automated teller machines, break down since around 5 p.m. Tuesday.

The Financial Supervisory Service, which dispatched a group of inspectors to Nonghyup on Wednesday, has pledged to conduct a more intensive inquiry into the bank starting next Monday.

The watchdog also plans to instruct financial companies to bolster cyber security for their electronic financing system to check if there is critical weakness.

Electronic finance in the nation has made rapid progress over the past several years.

However, electronic financial accidents have continued, such as hacking at Korea Exchange Bank in May 2005, phishing at Kookmin Bank and Nonghyup in January 2007, an attempt to hack into Hana Bank and Korea Exchange Bank in May 2008, hacking for root permissions at Moa Savings Bank in May 2008, and a series of financial accidents by telephone.

“As the risk of electronic financial accidents has increased, continued efforts should be made to further develop e-finance safety,” an FSS official said.

The Electronic Financial Services Act was enacted in February 2006 and came into effect in January 2007. Its purpose is to decide who takes responsibility for financial accidents and to protect customers.

Solving the responsibility problem may be needed to decide possible solutions between customers and financial companies.

The act states that financial companies and e-finance service providers should take responsibility for damages when customers sustain losses resulting from technological accidents.

By Kim Yon-se (kys@heraldcorp.com)