TWSE Press Release
Securities and futures firms jointly shored up defense against DDoS attacks.
Publish Date︰2017/02/17 14:40
Recently, a number of securities and futures firms encountered distributed denial-of-service (DDoS) attacks. The attacks occupied the bandwidth of their web pages that distributed some online services. Competent authorities were highly concerned with the cyber threats. The Financial Supervisory Commission (FSC) initiated a responding emergency taskforce at the very beginning and notified the Executive Yuan of the DDoS attacks. FSC also instructed all financial companies to implement well-defined measures for strengthen their cyber security capability, as well as delegated the Taiwan Stock Exchange (TWSE) to report those cyber security breaches via the “Cyber Security Notification System for Securities and Futures Industry” and to provide the latest situation and cyber security guidelines to financial companies at the “Securities and Futures Industry Information Sharing and Analysis Center.” Besides, FSC established a 24/7 website monitoring service to alert companies to be aware of the attacks and implement defense measures.
On the morning of February 9, TWSE convened a meeting, inviting representatives from other exchanges, major telecommunications companies, the Taiwan Securities Association, Chinese National Futures Association, and representatives from the administration, including the Department of Cyber Security of the Executive Yuan, Department of Information Management of FSC, and the Securities and Futures Bureau, to discuss the mechanisms of attacks warning, defense strengthening, information sharing, and network traffic diverting and cleansing. The cyber security defense measures, current responding actions and notification mechanism were also discussed. TWSE requested telecommunications companies to reinforce their abnormal network traffic detection in order to assist client companies resolving their problems at the initial attack stage.
Dr. Jun-Ji Shih, Chairman of TWSE, concluded the meeting with three remarks: 1. Incident statement format shall be more specific; 2. Press release of these incidents shall be handled by a single liason to avoid confusion; 3. Technical support shall be provided for defense against DDoS attacks. The emergency taskforce, consisting of the exchanges, associations of the related sectors, and telecommunications companies, will convene on demand to deal with the possible DDoS attacks threat.