With cyberattacks and computer viruses changing daily, Taichung Bank has set several major goals over the past several years to strengthen information security defense and early warning systems.Peng Zhenqian, Information Office Manager, Taichung Bank Securities Investment Trust Co., Ltd.
Founded in 1995, Taichung Bank Securities Investment Trust was established as the 17th domestic securities investment trust company. Its products include stock funds, domestic money market funds, and overseas stock funds. For more than 20 years, the company has built its business around a strategy of steadiness and reliability. By carefully developing financial products with a stable investment rate, the fund performance ranks among the best in the industry. Taichung Bank Securities Investment Trust now actively uses financial technology to provide instant and innovative investment services across more channels to the investing public.
Peng Zhenqian, manager of the Information Office for the company’s Investment and Information Division, said that in recent years, the company has set several goals around strengthening information security defenses and information security early warning systems to counter the rapid changes in cyberattacks and computer viruses.
First, the company aims to improve internal security. Improving internal security will allow the investment department to safely receive and store a large number of research reports and financial information every day, while still allowing traders to receive real-time information for smooth and unimpeded market access. Second, the company aims to improve external security. Improving external security will allow investors to complete actions such as subscribing, redeeming, or converting funds through the trading platform, without needing to worry about hackers blocking service or stealing personal information.
To achieve these two goals, Taichung Bank Securities Investment Trust knew that it needed to introduce Web Application Firewall (WAF) and Content Delivery Network (CDN) services. These services would effectively prevent DDoS attacks and speed up web pages. After careful evaluation, the company decided to implement the Akamai solution, officially rolling it out in May 2020.
Cutting budget for traffic scrubbing
Peng Zhenqian mentioned that over the past several years, numerous notable DDoS ransom incidents have occurred. In particular, the financial industry is the number one target by hackers, with investment and credit companies also falling under this umbrella. Taichung Bank Securities Investment Trust has always considered avoiding website downtime to be a top priority, as financial transactions are largely conducted over networks in modern times. Whether it’s investors redeeming funds, employees in the investment research department receiving information, or fund managers balancing funds for market changes through the day, all of these people rely upon the internet. If one area of the network goes down, then all of these actions are affected.
The company initially deployed WAF and CDN services several years ago to prevent this downtime from occurring. At first, the company thought about building an in-house WAF solution. This solution would take a great deal of time and resources to maintain and update, so it decided to invest in the services of a professional vendor instead. Vendors’ knowledge of global attack trends, as well as automated rule-adjustment algorithms, help Taichung Bank Securities Investment Trust reduce the burden of maintenance.
Peng Zhenqian and colleagues in the Information Department were still concerned about the existing WAF service. WAF services are generally billed according to the attack volume. If a customer chooses a 1 Gbps solution, it might one day encounter more than 1 Gbps of attack traffic. The service provider will ask the customer to purchase additional volume, and if the customer refuses, it will be the same as having no defenses at all. But purchasing additional volume is expensive, and once a customer increases its volume, it’s nearly impossible to roll back. For instance, say that a customer purchases a 1 Gbps solution, but then to resist an attack, the volume is increased to 5 Gbps. The customer will be billed for 5 Gbps in the future, which will gradually increase financial burden.
"DDoS is a sporadic attack, and the traffic is always irregular and unpredictable," said Peng Zhenqian. Therefore, no matter how much volume a customer purchases—1 Gbps, 5 Gbps, 10 Gbps, or higher—it will never be enough to bring a sense of stability. Therefore, when the existing WAF contract expired, Taichung Bank Securities Investment Trust decided to take the opportunity to find a better fitting solution. The company chose WAF, Site Shield, DSA (CDN), and other services provided by Akamai.
The company selected Akamai because through agency partner Sysage Technology, the company can work with a plan where it is billed for the amount of traffic generated. In other words, no matter whether the DDoS attack generates 5 Gbps, 10 Gbps or even 100 Gbps of traffic, the company only needs to pay for the amount of scrubbed traffic. This helps Taichung Bank Securities Investment Trust cut its information security budget of unnecessary IT expenditures.
Hide IP addresses to reduce hacker attacks
In 2019, the competent authority held a cross-border network attack and defense exercise. Among all participants, the Akamai WAP platform performed well and successfully passed the 3Gbps attack traffic test that was demanded by the financial industry. This increased the confidence of Taichung Bank Investment Trust in purchasing Akamai.
Akamai maintains the world’s largest cloud Internet platform, which carries huge volumes of web traffic every day. This gives Akamai the ability to use big data analysis to effectively identify various threats and to help Taichung Bank Securities Investment Trust improve the balance between DDoS protection, web security, and speed. What impressed Peng Zhenqian most is that Akamai provides a unique Site Shield service, which adds an additional layer of defense efficiency.
Most WAF and CDN services all adopt a similar proxy mode of operation. Users connect to the CDN Server first, and only after checking that the traffic is clean will they be directed to the application origin. But the problem is that hackers usually try to bypass the proxy and use the IP address to reach the application origin directly. Using the Site Shield service, Taichung Bank Securities Investment Trust can hide its IP address and successfully escape the hacker's scope of detection, thereby greatly reducing the chance of being attacked.
Before rollout in May, Taichung Bank Securities Investment Trust launched a two-month proof of concept (POC). During this stage, Sysage Technology worked with dealer partners to help Taichung Bank Investment Trust adjust the WAF management rules to help Akamai WAF successfully pass the rigorous testing of a third-party attack and penetration team. After the Akamai service went online, Sysage Technology also worked with reseller partners to deliver a quarterly policy review and attack trend analysis to help ensure the company website maintain a high level of performance and protection. This helped the information office department feel at ease.
The introduction of Akamai solutions speeds up performance of the Taichung Bank Securities Investment Trust website, while also strengthening DDoS protection and hacking prevention. This allows public investors, investment researchers, fund managers, and other internal and external users to get the best quality experience to carry out online activities with ease and peace of mind.