For this year, HITCON Pacific will be featuring a very special track - a closed session conference on financial security. Only financial sector professionals and few security experts will be invited to participate in this closed session. The purpose is to initiate a comprehensive exchange on financial security between participants and speakers, as well as provide speakers a more appropriate space to disclose sensitive information.
The opening speech of this closed-door session will begin with the cyber attack on financial institutions in 2016. This incident caused victims to suffer huge losses in credit and money, creating a huge shock to reverberate throughout Taiwan's financial and security communities. Today, the context, techniques and tools of the attack have been fully analyzed. The lectures will not only provide a glimpse into the complete incident, but also create an opportunity to mirror the conditions, follow the lecturer in a trip to the past, relive the conditions of the cyber attack, and simulate this major event.
Coincidentally, in recent years, banks have been continuously suffering from attacks by particular hacker organizations. Incidents of intrusion into the SWIFT system have been documented. We have specially invited experts on SWIFT attacks from South Korea. In addition to observing financial crimes and the underground market of hackers, and exposing the operations of gray industrial chains, they will also provide analysis on how North Korean criminals targeted Taiwan-related financial institutions in SWIFT attacks.
Next, we invite a well-known security team from the Asia-region blockchain community to shed light on the current state of security threats across the entire ecosystem by providing actual cases of attacks against mainstream blockchain (BITCOIN, ETHEREUM, EOS, etc.). Additionally, they will be offering corresponding measures for financial institutions seeking to develop on the blockchain. This is an event on security that cannot be missed.
In addition to the technical aspects, the security audits and penetration tests of financial institutions also play an important part in cultivating trust with vendors. As a result, we invited the chief information officer of Chinese Culture University to propose a set of regulatory mechanisms for the financial industry's security services, as well as share experiences in practical application. Taking into account the high level of importance the financial industry attaches to security and internal control environments, the supervision of outsourced services is a topic that cannot be ignored as well.
Finally, Brian Hansen from FS-ISAC will share the perspectives of financial institutions on information regarding threat intelligences, as well as how to utilize threat intelligences to improve security. He will also discuss how to form a collaborative network within an organization to face and react to threats.
Financial security has always played an extremely important part to the government's push for critical information infrastructure protections. This time, HITCON Pacific & FINSEC will bring even more new and useful content to Taiwan's financial IT and security teams that should not be missed!
資安作為的監管機制：以滲透測試監管 ABC (PT-ABC) 為例
陳仁偉 / 中國文化大學 資訊長
Dissecting Threats against Taiwanese Financial Institutes
Charles / Chief Analyst, Team T5
Linda / Cyber Threat Analyst, Team T5
Cyberthreat Intelligence: Wiping away the haze in a blurry world
Brian Hansen / Intelligence Officer for Asia-Pacific, Financial Services ISAC