In the past, bank robberies required masks, guns, and getaway vehicles. But now, hackers can remotely paralyze the banking system with just a laptop. Lin Shizhe, senior associate of Taipei Fubon Commercial Bank, said that 90% of Taipei Fubon Commercial Bank's customers now give priority to mobile banking and online banking. "In the past, if the system was down for one minute, customers might think it was nothing. But now users are transacting in online banking and mobile banking apps, and if it doesn't work for 3 seconds, they will be enlarged for viewing."
Replace "containment" with "prevention" and take immediate action when suspicious accounts are found.
If the bank is hacked or the system crashes, at the very least it inconveniences customers and draws complaints; at worst, it causes panic about the security of funds and leads to a collapse of trust. "There are three lines of defense for bank internal control. Information is the first line, followed by information security and risk management, and the third is auditing." Lin Shizhe believes that to resist external threats, as many problems as possible must be intercepted at the information level.
Lin Shizhe pointed out that traditional information security defense is mainly based on external defenses, such as firewalls, intrusion detection systems and other measures, just like wearing a mask to prevent virus intrusion, but hackers still have the opportunity to find loopholes. Usually, when hackers enter a banking system, they will not act immediately. Instead, they will lie dormant for several months, gain the highest level of privileges, and wait for opportunities to steal data or damage the system.
However, system maintenance and program changes require the highest authority. These passwords are used frequently, and it is necessary to know whether anyone is using them abnormally. Therefore, an "intelligent anti-hacking privilege management system" was created to collect the passwords of thousands of servers in a unified manner and divide them into Groups A and B. When an authorized account is needed, the system automatically distributes the password and automatically changes it the next day. "Hackers can hide in other people's homes for a year without being discovered. In Taipei Fubon Commercial Bank, through the early warning system, hackers have no way to escape. If the situation occurs, the system will issue an alert within 24 hours."
This system collects a large number of accounts and passwords and compares them every day with the highest-privileged accounts on the native systems. If a new account appears, the system immediately determines whether it is the work of a hacker. "In the past, the security system focused on containment rather than prevention. We use an early warning mechanism, just like the immune system of human white blood cells." When the immune system detects a problem, the white blood cells quickly mobilize to lock in and destroy the threat. Once an unauthorized account is discovered, measures are immediately taken to prevent hackers from attacking.
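As an added illustration (not the bank's code and not part of the original article), the daily comparison described above can be sketched as a reconciliation between a vault inventory and the privileged accounts each host actually reports. It assumes Linux-style passwd and group files; the host name, accounts, admin groups and inventory are constructed sample data.

```python
# Added example. Hosts, accounts and file contents are constructed sample data.
ADMIN_GROUPS = {"sudo", "wheel"}  # assumption: groups that grant root via sudo

def privileged_accounts(passwd_text, group_text, admin_groups=ADMIN_GROUPS):
    """Return account names with UID 0 or membership in an admin group."""
    admin_gids, privileged = set(), set()
    for line in group_text.strip().splitlines():
        name, _pw, gid, members = line.split(":")
        if name in admin_groups:
            admin_gids.add(gid)
            privileged.update(m for m in members.split(",") if m)
    for line in passwd_text.strip().splitlines():
        fields = line.split(":")
        name, uid, gid = fields[0], fields[2], fields[3]
        # UID 0 under any name is root; a primary GID in an admin group counts too
        if uid == "0" or gid in admin_gids:
            privileged.add(name)
    return privileged

def reconcile(vault_inventory, observed):
    findings = []
    for host in sorted(observed):
        managed = vault_inventory.get(host, set())
        for acct in sorted(observed[host] - managed):
            findings.append((host, acct, "UNMANAGED"))  # on host, not in vault
        for acct in sorted(managed - observed[host]):
            findings.append((host, acct, "MISSING"))    # in vault, gone from host
    return findings

PASSWD = """
root:x:0:0:root:/root:/bin/bash
svc_backup:x:0:0::/home/svc_backup:/bin/sh
dba_admin:x:1001:1001::/home/dba_admin:/bin/bash
deploy:x:1002:27::/home/deploy:/bin/bash
alice:x:1003:1003::/home/alice:/bin/bash
"""
GROUP = """
root:x:0:
sudo:x:27:dba_admin
"""
VAULT = {"core-db-01": {"root", "dba_admin", "deploy", "oracle"}}

def run_daily_check():
    observed = {"core-db-01": privileged_accounts(PASSWD, GROUP)}
    return reconcile(VAULT, observed)

if __name__ == "__main__":
    for host, acct, status in run_daily_check():
        print(f"ALERT host={host} account={acct} status={status}")
```

The second UID 0 account is flagged even though it is not named root, and a vaulted account that has disappeared from the host is reported as well, since both mean the inventory no longer matches reality.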
Introduce information technology governance system and painlessly merge with Jih Sun Financial Holding
Lin Shizhe explained that the financial industry is a highly regulated industry, and the stability and availability of information services are the lifeblood. Any system interruption may lead to customer losses and damage to goodwill. In view of this, he introduced the international standard information technology governance system "Control Objectives for Information and Related Technologies (COBIT)", and based on this, introduced a number of information security systems and standards. As the scale of the information department gradually expands, this framework can effectively regulate personnel behavior and facilitate management. In addition, in the face of increasingly frequent information security threats, standardized governance procedures can help companies quickly respond to risks.
To implement information governance, the bank has also laid the foundation for various projects based on COBIT, covering five major systems: actively detecting potential risks using open source systems commonly used by banks; integrating the software development process (demand communication, testing, and online) into one system; automatically detecting security vulnerabilities; using international standard testing methods and automation tools to help Taipei Fubon Commercial Bank improve the quality and efficiency of software testing; and war situation dashboards.
A thousand days is spent in a moment. In 2021, Taipei Fubon Commercial Bank faced its mid-term exam. At that time, Taipei Fubon Commercial Bank was going to merge with Jih Sun Financial Holding. Mergers have always been a headache for banks: in addition to business integration, they also test whether the information systems can connect smoothly. Lin Shizhe serves as the PMO Head. He explained that online banking has an average of 20,000 users per second. The "all-round information service early warning and intelligent warfare system" monitors public opinion, the number of people online, bank customer service, counter waiting time, and so on. If the number of people online exceeds 20,000, it means the system may be abnormal.
In the early stages of the integration, the team stared at the dashboard to check whether there was an abnormal increase in the number of people online or in the waiting time for customer service and counters. "Because the information systems are complicated, the deposit system may be affected in the first five minutes, but we don't know what system problems will happen in the next five minutes." The team spent more than 500 days and held more than 6,000 meetings, and finally completed the integration painlessly, adding 850,000 users, ranking first among private banks.