The Financial Security Institute will introduce a 'Global Cyber Threat Intelligence Platform.' It will collect and analyze information on hacking organizations, malware, and vulnerabilities around the world in real time. It is scheduled to operate from the second half of the year in the form of a cyber security infrastructure jointly utilized by the financial sector.
According to the financial sector on the 19th, the Financial Security Institute is building a system to track and analyze the movements and attack patterns of overseas hacking groups in real time. It is creating a financial sector-wide joint 'global hacking information platform.'
Once the platform is built, financial companies will receive real-time information on the activities of overseas hacking organizations, ransomware, zero-day (vulnerabilities exploited before security patches are released), and attack trends.
As hacking and information leakage incidents occurred one after another in the financial sector last year, the need to strengthen cyber security responses is growing. Critics point out that it is difficult to block advanced attacks such as ransomware, supply chain attacks, and generative AI-based phishing with only firewall or antivirus-centered responses.
Particularly, recent attacks do not stop at targeting specific financial companies. Global hacking groups are simultaneously targeting the financial, public, and IT industries with malware and vulnerabilities. Accordingly, a system has become necessary to secure trends of overseas attack groups, malware, and vulnerability information in real time, and to allow the entire financial sector to jointly utilize it.
The Financial Security Institute plans to support analysis functions centered on attack organizations, going beyond the level of simply providing dangerous IP or malicious file information. It will provide information on at least 400 or more global hacking groups, and analyze the industries and regions they mainly target, the attack methods used, and related malware and vulnerability information together.
In addition, it is preparing functions to summarize information on attack groups, malware, and campaigns through natural language search alone using a security-specialized Large Language Model (LLM), and to have AI analyze malware source code and explain it in a natural language format. Furthermore, when new malicious files are discovered, financial companies can detect whether they are associated with their own systems. Through this, they will have the capacity to grasp signs of hacking in advance and respond.
“If financial security in the past was centered on defending internal systems, now, identifying the movements and attack flows of global attack groups in real time has become a competitiveness,” an official from the financial industry said. “If the Financial Security Institute provides overseas threat data in the form of a joint infrastructure for the financial sector, individual financial companies will be able to greatly increase their security response speed and analysis capabilities,” the official said.
