International hackers attack virtual infrastructure, no damage yet

Today, March 25, VNDirect sent a written report on the online trading system incident to the State Securities Commission.

According to the report, the incident occurred at 10:00 on March 24 at DC Fornix Duy Tan. The system was attacked by an international hacker organization. The virtual infrastructure of the system was attacked, causing the entire trading platform of the company to be temporarily unable to log in.

The company confirmed that this incident disrupted trading activities but did not affect the asset status of customers' securities accounts.

Assessing the risk, VNDirect said the impact on the market, customers, trading systems and other related systems. Customers were unable to log in to make online transactions. However, the company confirmed that no damage had occurred.

To fix the problem, VNDirect said that on the morning of March 25, it coordinated with partners FPT and Viettel to handle and fix the problem completely, ensuring the safety of all customer information and assets.

According to Thanh Nien, as of 10:30 p.m. today, the trading system has not yet been reconnected.

Late this morning, the Hanoi Stock Exchange (HNX) announced the temporary disconnection of remote trading and online trading on listed securities trading markets, registered securities trading, derivative securities trading, debt instrument trading and individual corporate bond trading of VNDirect to HNX from March 25 until VNDirect completely fixes the problem.

On the same afternoon, the Ho Chi Minh City Stock Exchange (HOSE) also said that it had temporarily disconnected VNDirect's transactions with HOSE from March 25 until the company completely resolved the problem.

Talking to Thanh Nien tonight about the incident at VNDirect, a cybersecurity expert said that when a securities company is attacked, users may face the following risks: transactions are interrupted, causing economic damage to investors; personal information is leaked or compromised; account passwords are leaked or changed.

Typically, it takes 1-2 weeks, or even a month, to fully determine the cause of a cyber attack.

"In fact, there have been statistics on intrusion cases in the world, the average time to resolve them is 100 - 200 days. The system can be put back into operation sooner, but the radical remedial measures will take a long time," he said.

The expert recommended: "It is time for securities companies to follow the 4-layer defense model guided by the Ministry of Information and Communications. Accordingly, an organization needs to have an on-site cybersecurity force, organize regular cybersecurity assessments, hire professional cybersecurity monitoring services, and connect and share information with national cybersecurity centers.

Users need to change their password as soon as the system is back up and running to ensure their account remains under their control."