Home > Eye on > Communication & Network
MS Korea, Anti-pishing business countdowns
By Tae-Jung Kim(ZDNet Korea)
October 24th, 2007
The anti-pishing project of Microsoft(MS) for the Korean financial world will take concrete shape soon. The rate of MS security patch use among internet banking users will be largely increased by the end of this year.

In fact, all users can easily download MS security patches, which are regularly distributed, but tend to overlook it. Most internet baking users access their accounts through Internet Explorer. Without security patches, however, they are vulnerable to pishing.

A typical example was the pishing accident at Kookmin Bank and NongHyup in January. A cyber criminal distributed the Trojan Horse by abusing Explorer's weakness, lured internet banking users into the pishing sites of Kookmin Bank and NongHyup, and captured about 4,000 digital certificates. It was a huge social issue, but it could have been prevented if a MS security patch (KB912812), which was distributed in April, 2006, had been properly appropriated.

Nevertheless, many users still don't recognize the importance of MS security patches. Banks are not in the position to force users to utilize MS security patches. The problem of pishing has been accelerated.

To cope with this problem, Financial Security Agency(FSA) has discussed with MS about the popularization of security patches since early 2007.

Inducing download in lieu of obligating patch application
A concrete plan is that MS and FSA construct a website for financial exclusive use and provide necessary patches to users who visit the site by automatically checking the users' circumstances. In this plan, the form of window update is combined with the content of information security portal.

Sung Jae-Mo, the leader of Security Technology Team at FSA, said, "we will complete building the web site in next month, test it, and possibly activate it before the end of this year. It is now under positive review among major banks."

A section of business circles speculates that this project is MS¡¯s reaction to Korean government¡¯s drive to introduce Linux. But, MS denies it.

According to Kim Hong-Suk, a department chief of Korea MS, "the cooperation with FSA is a part of MS's business that thinks seriously the distribution of security patches for the purpose of securing internet banking users. It has no connection with Linux." Korea MS expects that the number of downloading security patches will be increased up to ten million.

Originally, MS and FSA planed to automatically install security patches when users connect with internet banking services. However, major banks opposed it and MS and FSA changed the plan to build a new website.

What major banks were anxious about was that if security patches are directly placed on banking sites, there would be a collision with application. In addition to the key board security program that internet banking users have to install, it was also a burden for major banks to force their customers to add patch applications.


Samsung Mobile WiMAX¢â Wave2 Products Receive 'WiMAX Forum Certified Seal of Approva'
Korea Announces Crackdown on Illegal Internet Porn
Samsung Unveils Environment-Friendly Mobile Phones
POSDATA, entry into Mobile WiMAX market in Uzbekistan
SAMSUNG MAKES GLOBAL DEBUT AT COMMUNICASIA 2008
 
 
Copyright ¨Ï 2005 CNET Networks, Inc. All rights reserved.
ZDNet is a registered service mark of CNET Networks, Inc. ZDNet Logo is service mark of CNET Networks,