After 5 days since the cyber attack paralyzed the system, today, March 29.3, VNDIRECT company said it expected to resume operations from April 1.4. The inaccessibility incident lasted up to 7 days, showing the severity of the attack and raising concerns about risks from potential, undiscovered security vulnerabilities in systems. information technology of organizations and businesses.
Mr. Ngo Tuan Anh - CEO of SCS Smart Cyber Security Company said that although the form of ransom attack is not new, it has only appeared in Vietnam on a small scale. "The attack on VNDIRECT can be considered the largest data encryption ransom attack ever recorded in Vietnam, with a huge impact on users," Mr. Tuan Anh assessed.
The expert also commented that currently, it is "impossible" to say that information security and network security systems are 100% guaranteed because security holes and weaknesses can appear every day. Hackers regularly probe, test and use global scanning tools to find attack loopholes. They will look for systems and software that have weaknesses but have not been patched to penetrate, thereby committing acts of sabotage or serving financial or political purposes.
“This incident is a warning to all of us when deploying large information technology (IT) systems containing a lot of data. To maximize effectiveness, we need protection systems combined with smart safety monitoring, anomaly detection systems, and give high priority to network security," SCS's CEO emphasized.
Sharing the same view, Chief Technology Officer of cCyber security company NCS - Vu Ngoc Son commented that cyber security incidents targeting companies and financial institutions always create great risks for users and the market. He said: "This incident is a lesson and a warning bell for companies and financial institutions to quickly review their systems to ensure that such unfortunate incidents do not occur in the future."
The NCS leader explained that Vietnam is now connected globally, so the story of hacker groups targeting domestic businesses and organizations is not new. The operating methods of these groups are increasingly sophisticated and apply very high technology, so according to him, if Vietnam does not have cyber defense systems of international standards and class, it will be difficult to defend against them. anti.
He said hacker groups often scan for vulnerabilities on the target system to find entry points, then "blend in" to lie low and capture information for a long time before carrying out an attack that causes damage. “We estimate that in the majority of attacks, hackers have broken in before without customers knowing. Much of this comes from exploiting software weaknesses. When an attack takes place, people will know there is a security hole," Mr. Vu Ngoc Son shared.
The two cybersecurity experts also said that businesses and organizations need to establish information security protection solutions in the current context, including redundancy and quick response. Units need to reserve a system similar to the main system, which needs to be isolated so that when an incident occurs, they can quickly switch over in as fast a time as possible, which may have to be measured in minutes to minimize damage. harmful.
Continuous network security monitoring is also always necessary because vulnerabilities always exist without being easily detected. When there is illegal intrusion, it needs to be detected early. Early detection increases the rate of successfully preventing an attack as well as limiting risks and damage to businesses, customers, and the market.
In Vietnam, the Ministry of Information and Communications has introduced a 4-layer defense model. Accordingly, each business needs 4 layers of security defense including: Specialized network security force, constantly on duty; Hire an independent monitoring team to jointly monitor; Carry out regular system scans and assessments; Connect to national network security monitoring systems.