VNDirect plans to start checking transaction flow on March 28.
Both stock exchanges temporarily disconnected from VNDirect during the first trading session of the week, March 25. The exchanges said they would evaluate and consider allowing the transaction connection to resume based on VNDirect's corrective actions.
|
According to the latest update from VNDirect Securities Corporation, up to now, the company has completed phase 1 in the roadmap with a total of 4 phases. In which, phase 1 will have a system to look up the status and information of customers' accounts on My Account. Phase 2, VNDirect reopens the system for money transactions, basic securities transactions and derivatives on the basis of communication with the Stock Exchange. Phase 3, other financial products will be put back into operation. Finally, the company will restore all other features.
“Although the identification and recovery phase has been completed, we still have to continue to spend time with a lot of work such as data control, ensuring the integrity and accuracy of customer asset information. Today, we have completely restored the large data stream, and are assured that customer information has been secured,” the company said in a statement.
According to a representative of VNDirect, it is expected that on March 28, 2024, the company will conduct a transaction flow test with the Stock Exchanges. The company considers this an important step in restoring the trading system.
Previously, on March 25 - the first trading session of the last week of March, Hanoi Stock Exchange (HNX) and Ho Chi Minh City Stock Exchange (HoSE) respectively issued notices to temporarily disconnect remote trading and online trading on listed securities trading markets, registered securities trading, derivatives trading, debt instrument trading and individual corporate bond trading of VNDirect. The purpose is to ensure the safety of the trading system.
The exchange said it will base on VNDirect's report on the results of the remediation to evaluate and consider the time when this securities company can reconnect to trading.
As one of the early units to handle the VnDirect system incident, Mr. Nguyen Tu Quang - General Director of Bkav Technology Group said that hackers used data encryption attacks, a relatively common form of attack in recent years in Vietnam and around the world. Specifically, Mr. Quang said that hackers used a vulnerability to penetrate the system, then found a way to install a data encryption virus and would use that encryption key to blackmail the victim.
According to cyber security expert Vu Ngoc Son, Technology Director of Vietnam National Cyber Security Technology Company (NCS), an important issue is to find and plug the "vulnerability" that hackers have penetrated. VNDirect is a large company with standardized operating procedures. The possibility that hackers were able to penetrate the system is that hackers have attacked and exploited an unknown or unpatched security vulnerability (zero-day vulnerability) in the software.
All systems are vulnerable to Zero day attacks. This vulnerability is not known to the manufacturer or software developer, so it is a weakness of all systems. According to statistics, major attacks in the world are carried out through Zero day. According to Mr. Son, restoring data and services is only the first step. The next important step is to find the vulnerability that allows hackers to penetrate the system and must plug this vulnerability.
Source
Comment (0)