HACKERS HIT SECURITY FIRMS AGAIN, CRASH SYSTEMS|又見券商遭駭 群益證券電子下單異常

Last week, Several securities firms were blackmailed by online hackers to each pay 10 bitcoins, worth roughly $320 thousand NTD or face another attack that would paralyze their online trading systems. On the morning of February 6, Capital Securities Corp's trading system was hit yet again but the system was restored after about 20 minutes. On February 6, Capital Securities Corp. was hit by a distributed denial of service (DDoS) attack. 5% of its clients were unable to make online transactions and were, therefore, forced to make transactions on telephone. ==KUO MEI-LING Exec. V P, Capital Securities Corp. == At 8:50, we noticed in our system that many clients were unable to log on. We notified Chunghwa Telecom of the situation and switched to our remote backup center right away. Judging by the number of online transactions, around 5% of our clients were transferred to our staff to make transactions. On Feb. 1, several brokerages received threat e-mails to crash their online transaction system if they refused to make payments of 10 bitcoins, or NT$320,000. Attacks will be initiated in the next two days if no payment is made. According to the Financial Supervisory Commission, 6 firms had been attacked before Capital Securities was targeted on Feb. 6. ==CHOU HUI-MEI Dep. Dir-Gen. Securities and Futures Bureau== The attack lasted about 20 minutes. The system was restored at 9:30. We have asked securities firms to work on their security protection measures and apply for DDoS cleaning services from their telecom carriers. First Bank's web bank was also reported a system crash on the same day. First Bank responded that the crash was not caused by DDoS attacks but a system update. The Taiwan Stock Exchange advised investors to make transactions on telephone in the event of online trading system errors. TRANSLATED BY：LUKE CHIANG 緊盯著螢幕，在動動滑鼠及鍵盤，不少投資人習慣透過電腦下單，快速又方便，但就在今天上午8點50分，群益金鼎證券受到駭客進行阻斷服務攻擊DDoS，導致5％的客戶無法電子下單，只好改成人工電話下單。 ==群益金鼎證券執行副總裁 郭美伶== 8點50分的時候 我們的監控系統 就有監控到就有很多的客戶 陸陸續續沒有辦法登陸 我們那時候就開始通知中華電信 我們在8點50 立即切我們的異地備援中心 從我們的電子下單來看 大概有5%的部份轉到人工單去 事實上早在2月1號，台灣就有多家券商，都收到駭客的恐嚇信件，對方聲稱會發動攻擊，讓部分網路交易異常外，還要求券商必須匯出10元比特幣，大約32萬台幣，如果明天以前不付款，這兩天會再度發動攻擊。而根據金管會初步清查，2月2號到3號兩天，共有6家券商遭駭，其中兩家券商網路下單被攻擊15到30分鐘，而今天則僅有群益1家。 ==金管會證期局副局長 周惠美== (群益)差不多是受到20分鐘的攻擊 9點半就恢復正常 我們已經請業者 都要去加強資訊的安全防護措施 也跟電信廠商這邊來申請 所謂的流量清洗服務 阻擋這種惡意的攻擊 除了群益，第一銀行的網路銀行，上午也傳出當機，對此，第一銀行表示，是內部系統提升調整設定，有短暫壅塞現象，並非受到外部攻擊，而證交所則提醒，一旦券商電子下單系統無法使用或有所延遲時，建議投資人可改成電話下單。 記者 吳雅瑜 林國煌 台北報導