After more than 2 days of the incident, up to now, the system of VNDirect Securities Joint Stock Company (VNDirect) is still not accessible.
Sharing with the press today, March 26.3, Mr. Nguyen Vu Long, General Director of VNDirect, said that the company's system was attacked by a professional attack group, encrypting all of the company's data.
The problem was fixed in 2 steps and now the company has decrypted the encrypted data, continuing to the next step to fix the system.
“We are starting the process of fixing the system so we can connect and trade again. It is expected that it will take a while longer because this is a common form of attack but is relatively complicated and takes time," Mr. Long said.
From VNDirect's incident, talk to Youth, Mr. Vu Ngoc Son, Technology Director of Vietnam National Cyber Security Technology Company, analysis: “With my experience, I guess it's almost certainly a software-related vulnerability, meaning a "zero day" vulnerability. This is an unknown manufacturer vulnerability. Hackers somehow found it and exploited it."
Assessing that VNDriect is a large company in Vietnam, certainly its operating procedures have been standardized, Mr. Son further emphasized: "The fact that a hacker can go deep into the system like that can only be explained by having to be intelligent." through an unknown hole. With a "zero day" attack, all systems in the world can be attacked."
Need a high level of cybersecurity
Technology Director of Vietnam National Cyber Security Technology Company said that in the case of VNDirect's incident, the backup system was also attacked, not just the main system.
When putting a service into operation, of course any unit will have to consider redundancy; It is possible that at that time, all possibilities had not been calculated leading to the backup system being attacked at the same time. “This can be said to be a double disaster. In this case, I think the recovery time is long because the backup system has been attacked," Mr. Son emphasized.
This person also shared that the systems of securities companies and financial institutions all have investments and operating procedures that are on the common level of cybersecurity in Vietnam.
World statistics show that financial institutions are always the target of hackers, because when attacking financial institutions, hackers will gain a lot of money. Simply because there is a lot of data and it includes assets.
Obviously, even though securities companies are equipped with better technology and security conditions, incidents still occur. That requires securities companies and financial institutions to have a high level of cybersecurity to ensure this.
Regarding the policy aspect of ensuring customers' rights after troubleshooting, General Director of VNDirect affirmed that in principle, all customers' rights are guaranteed. At the same time, after the recovery process, the company will have policies to ensure additional benefits, helping customers overcome the consequences of non-transaction days.
Meanwhile, Mr. Son advised that as soon as the system works again, users need to change their password to ensure their account is still under their control...
According to VNDirect, the problem with this company's online trading system occurred at 10:24.3 a.m. on March XNUMX at DC Fornix Duy Tan. The system has been attacked by an international hacker organization. The system was attacked by virtual infrastructure, resulting in the company's entire trading platform being temporarily unable to log in.
Late on the morning of March 25.3, the Hanoi Stock Exchange (HNX) announced the temporary disconnection of VNDirect's trading connection to the HNX from March 25.3 until VNDirect completely fixes the problem.
On the afternoon of March 25.3, the Ho Chi Minh City Stock Exchange (HOSE) also said that it has temporarily disconnected VNDirect's trading connection with HOSE since March 25.3 until this company completely fixes the problem.
Late on the night of March 25.3, the State Securities Commission issued an official dispatch warning about the security of the online stock trading system.
The State Securities Commission requires the company to ensure the information technology system and backup database operate safely and continuously according to the provisions of Clause 10, Article 89 of the Securities Law 2019.
In addition, proactively review and immediately check security plans for the company's information technology systems, especially stock trading systems and systems connected to the internet, to promptly resolve issues. Fix security holes (if any)...