After more than 2 days of the incident, up to now, the system of VNDirect Securities Joint Stock Company (VNDirect) is still inaccessible.
Sharing with the press today, March 26, Mr. Nguyen Vu Long, General Director of VNDirect, said that the company's system was attacked by a professional attack group, encrypting all of the company's data.
VNDirect website status at 7:30 p.m. today, March 26
The issue was resolved in 2 steps and the company has now decrypted the encrypted data, moving on to the next step of fixing the system.
"We are starting the process of restoring the system so that we can connect and trade again. It is expected to take some more time because this is a common but relatively complex form of attack that requires time," said Mr. Long.
From the incident of VNDirect, talking to Thanh Nien , Mr. Vu Ngoc Son, Technology Director of Vietnam National Cyber Security Technology Company, Analysis: "From my experience, I would guess that it is almost certainly a software vulnerability, meaning a zero day vulnerability. This is a vulnerability that the manufacturer does not know about. Hackers somehow found it and exploited it."
Assessing that VNDriect is a large company in Vietnam, the operating process must have been standardized, Mr. Son further emphasized: "The fact that a hacker can penetrate the system so deeply can only be explained by an unknown vulnerability. With the "zero day" attack, all systems in the world can be attacked".
High level of cybersecurity required
The technology director of Vietnam National Cyber Security Technology Company stated that in the case of VNDirect's incident, the backup system was also attacked, not just the main system.
When putting a service into operation, of course, any unit will have to consider backup; at that time, it is possible that the possibility of the backup system being attacked at the same time has not been fully considered. "This can be said to be a double disaster. In this case, I think the recovery time is long because the backup system has been attacked," Mr. Son emphasized.
This person also shared that the systems of securities companies and financial institutions all have investments and operating processes on a common level of cybersecurity in Vietnam.
Statistics around the world show that financial institutions are always the target of hackers, because when attacking financial institutions, hackers will gain a lot of money. Simply because there is a lot of data and including assets.
Obviously, securities companies, despite being equipped with better technology and security conditions than the ground, still have incidents. That requires securities companies and financial institutions to have a high level of cyber security to be able to ensure this.
Regarding the policy aspect of ensuring customer benefits after troubleshooting, VNDirect's General Director affirmed that in principle, all customer benefits are guaranteed. At the same time, after the troubleshooting process, the company will have policies to ensure additional benefits, helping customers overcome the consequences of days without transactions.
Meanwhile, Mr. Son recommends that as soon as the system is back up and running, users need to change their passwords to ensure their accounts are still under their control...
According to VNDirect, the company's online trading system incident occurred at 10:00 a.m. on March 24 at DC Fornix Duy Tan. The system was attacked by an international hacker organization. The virtual infrastructure of the system was attacked, causing the company's entire trading platform to be temporarily inaccessible.
Late in the morning of March 25, the Hanoi Stock Exchange (HNX) announced the temporary disconnection of VNDirect's transactions to HNX from March 25 until VNDirect completely fixes the problem.
On the afternoon of March 25, the Ho Chi Minh City Stock Exchange (HOSE) also announced that it had temporarily disconnected VNDirect's transactions with HOSE from March 25 until the company completely resolved the problem.
Late at night on March 25, the State Securities Commission issued a warning about the security of online securities trading systems.
The State Securities Commission requires the company to ensure that the information technology system and backup database operate safely and continuously as prescribed in Clause 10, Article 89 of the 2019 Securities Law.
In addition, proactively review and immediately check security plans for the company's information technology system, especially the securities trading system and systems connected to the internet to promptly fix security vulnerabilities (if any)...
Source link
Comment (0)