The Financial Supervisory Service investigated customer information leaks through appliations at several insurance companies and took disciplinary action against them. Customer information leaks and damage cases are soaring, in particular in the financial industry. The leakage of personal information that companies are trusted to keep not only can damage their reliability a great deal but result in the second and third damages, such leaks are quite a serious crime. However, the problem exists and security control systems are not perfect in preventing such leaks. It is for this reason that trade-based real-time monitoring and surveillance is expanding.
Increased Risk of Security Incidents due to Construction of Open Systems
In the past, there were many cases where SM (System Maintenance) employees with special skills approached internal DBs and stole personal information. In March 2011, the enactment of the Personal Information Protection Act prevented this kind of illegal collection, use, and distribution of personal information. However there was still a problem with hackers stealing companies’ confidential and personal information by taking advantage of security vulnerabilities in enterprise applications. Such cases were quite frequent. The government made information projects for public institutions costing 4 billion won obligatory and more developed more secure coding in December 2012. This policy aimed to reduce vulnerabilities in the software development processes and prepare for security threats such as hacking by applying strict security guidelines to the first stage of developing software.
The recent security incidents that have taken place suggest a need for entirely new solutions. This is because applications have become too powerful as many companies, in particular those in the financial sector, built "open systems" that are relatively inexpensive and quickly adapt to changes in the market.
In the past, only a small number of people with special technology training were able to access this level of information. Now anyone can get their hands on and filch personal information and easily check internal DBs by putting IDs and passwords into applications. Therefore, customer information leak patterns are taking place as abnormal massive patterns that are not in the typical form of hacking or malicious codes but disguise themselves as normal services. This expands the potential risk and is a clear example that shows that even if the service is normal, there is a potential for your information to be leaked. This pattern is more dangerous as existing security systems have trouble detecting an undercover service that looks like a normal service. Terrible accident could occur to today's business systems that allow easy access to internal customer information through logging into applications for efficient sales and customer management. In this way, the general public is easily exposed.
A prime example is KT's customer information leak case, which occurred in 2012. 8.7 million pieces of customer information was stolen over five months when thieves pretended to retrieve information from the KT Customer Information System sales agencies unlike previous attempts which were based on hacking or planting malicious codes. They developed a program that made the KT system at its headquarters recognize them as KT sales agencies. The program enabled them to steal the information without an inside conspirator at KT. The scam went on for a long time as they stole little by little, which made them very elusive to detect. In the case of Hanwha General Insurance, leaked information belonged to 150,000 customers who used its on-site dispatch services after buying auto insurance. The information thieves took customer’s information from the on-site dispatch support system of a partner of Hanwha General Insurance.
These cases are simple examples that show that customer information can be leaked from normal services. It was difficult for existing security systems to detect them as they are camouflaged as normal services.
Solution: Trade-Based Real-Time Surveillance
Customer information leaks from abnormal massive check patterns disguising themselves as normal services are on the rise, particularly in the financial sector. Detecting security accidents in real time from a viewpoint of business services holds the key to precluding security threats. Security management systems currently running (Firewalls and IPCs) are unable to detect them since they watch data flows by packets. Universal Real Time Co. is specialized in managing the qualities of codes based on real-time monitoring. The company is concentrating on such security needs. Its AppTomo TM is able to detect and report illegal uses such as abnormal massive checks since it is real-time application monitoring solution based on trade logs. This solution can manage situations by monitoring normal service use and blocking suspicious patterns. In addition, this solution offers tracking information about users such as IPs and Mac. Through this, the solution can prevent abnormal massive check patterns from causing security invasion incidents that existing security management systems cannot detect. In addition, AppTomo TM is able to secure security systems that can cope with situations before and after accidents through its Interconnection with integrated security management systems.
AppTomo Suite is a package solution consisting of inspection (code quality management), secure coding (examination of codes susceptible to hacking attacks), and TM (end to end, tracking trades). This solution offers the management of source code qualities, security vulnerability, abnormal transaction, and project productivity based on the real-time monitoring of applications currently being developed. AppTomo Suite overcomes the limits and weaknesses of existing solutions by only transferring verified applications to operation environments via application code inspections (code quality management) that manages code qualities and performances from the development stage. AppTomo Suite registered its patent in Korea and had it quality certified. AppTomo Suite proved its performances and effects as it was adopted for leading Korean financial companies’ next-generation projects. Universal Real Time was founded in July 2009 and specializes in application code inspections and secured core technology. The company developed and owns AppTomo Suite Solution.