Concluding the conference on implementing the task of developing the stock market in 2024, held at the end of February, the Prime Minister directed the State Securities Commission to preside over and coordinate with relevant agencies to urgently and comprehensively review and thoroughly inspect the stock trading system and IT systems, proactively develop risk control procedures and measures to handle and respond to urgent situations, prevent technical incidents, and ensure the security and safety of the financial system and the interests of investors.

However, the Vietnamese stock market has just witnessed an information security incident that experts consider to be serious, when the system of VNDIRECT Securities Company was discovered to have been hacked since the morning of March 24, making the business activities of the enterprise and transactions of many stock investors impossible.

After nearly 4 days of system-wide downtime due to a cyber attack by a group of professional individuals, VNDIRECT Securities Joint Stock Company has just completed phase 1 of a 4-phase roadmap to gradually reopen systems, products and utilities. Currently, only the My Account account lookup system has been restored.

Securities companies are required to implement a plan to periodically back up systems and important data to promptly restore data when attacked by data encryption. (Illustration photo: DV)

Following the VNDIRECT incident, on March 27 the Department of Information Security, as the State management agency for network information security, requested securities companies to strengthen the security of information systems under their management.

This agency stated that the recent cyber security incidents in some securities companies' systems have caused serious damage to securities companies, while also causing confusion and somewhat affecting users' confidence in the safety of stock exchanges in Vietnam in particular and the financial market in general.

To ensure the security of information systems of securities companies, the Department of Information Security recommends that these enterprises, from now until April 15, focus on completing the review, inspection, and assessment of information security assurance of information systems under their management and immediately deploy measures to overcome risks, vulnerabilities, and weaknesses of the systems; especially with customer account management systems serving online securities transactions.

Securities companies need to review and organize information system security assurance by level, in particular by taking inventory of and classifying the information systems under their management, and to develop a plan to implement and complete the regulations on ensuring information system security by level.

The target is to ensure that 100% of operating information systems are approved for security levels by September at the latest, and that information security assurance plans are fully deployed according to the approved level proposal documents by December at the latest.

Securities companies should also carry out information security assurance work effectively, substantively, regularly and continuously according to the 4-layer model, especially by improving the capacity of the professional monitoring and protection layer and maintaining a continuous and stable connection and information sharing with the National Cyber Security Monitoring Center.

In parallel with developing an incident response plan for the information systems under their management, securities companies also need to implement a plan to periodically back up systems and important data so that they can be promptly restored when data encryption attacks occur.

In addition, it is necessary to review and promote the implementation of activities to respond to network information security incidents in Vietnam; periodically conduct threat hunting to promptly detect signs of system intrusion.

“With a system that has detected a serious security vulnerability, after fixing the vulnerability, the unit needs to immediately hunt for threats to determine the possibility of previous intrusion,” a representative of the Information Security Department noted.

Securities companies are also required to check and update information security patches for important systems according to warnings from the Information Security Department and related agencies and organizations. At the same time, they should periodically check, evaluate and review their systems to promptly detect existing information security vulnerabilities and weaknesses.
