Late at night on March 27, VNDirect officially issued a statement, continuing to inform about the handling of the incident with VNDirect's online trading system.
Accordingly, it is expected that on March 28, the company will conduct a transaction flow test with the stock exchanges. This is an important step in restoring the trading system.
Latest announcement on VNDirect website about troubleshooting status
"Although the identification and recovery phase is complete, we still have to continue to spend time on a lot of work such as data control, ensuring the integrity and accuracy of customer asset information.
Today, we have completely restored the large data flow, and are assured that customer information has been secured," VNDirect's announcement stated.
Previously, the incident of VNDirect's online trading system occurred at 10:00 on March 24 at DC Fornix Duy Tan. The system was attacked by an international hacker organization. The virtual infrastructure of the system was attacked, causing the entire trading platform of the company to be temporarily unable to log in.
According to VNDirect, on March 25, the company began restoring the system and upgrading system security solutions.
Late in the morning of March 25, the Hanoi Stock Exchange (HNX) announced the temporary disconnection of VNDirect's transactions to HNX from March 25 until VNDirect completely fixes the problem.
On the afternoon of March 25, the Ho Chi Minh City Stock Exchange (HOSE) also announced that it had temporarily disconnected VNDirect's transactions with HOSE from March 25 until the company completely resolved the problem.
On March 26, VNDirect moved to the process of reviewing and evaluating the system before gradually reconnecting transactions.
On March 27, VNDirect restored the system and is reviewing and evaluating the system to ensure absolute security for customers transacting at the company.
Accordingly, the company has been and continues to make efforts to implement the roadmap to reopen the system in each phase.
Specifically, phase 1: the system can look up the status and information of customers' accounts on My Account. Phase 2: reopen the system for money transactions, basic securities transactions and derivatives on the basis of communication with the exchange. Phase 3: other financial products are put back into operation. Phase 4: all other features.
VNDirect is drafting a compensation policy for customers.
Up to now, VNDirect has completed phase 1. "We confirm that all customer information is guaranteed to be safe and secure, completely unaffected, because hackers were not able to penetrate the data system and all customer data of the system has been stored on the cloud.
Along with fixing the technology problem, we are drafting new policies to share and compensate for the inconveniences customers encounter during the days when they cannot trade," said a VNDirect representative.
Speaking to Thanh Nien on the afternoon of March 27, a cybersecurity expert said that up to now, VNDirect’s ability to open a system for customers to check their balances and change their passwords is a commendable effort. For customers, the most important thing is to quickly change their passwords.
The VNDirect incident is considered a software-related vulnerability, meaning a "zero day" vulnerability. This is a vulnerability that the manufacturer does not know about. Hackers somehow found it and exploited it.
"Rebuilding the system is not difficult for the operation team, the important thing is that after finishing the construction, they must find the hacker's way in to block it. With the "zero day" vulnerability, they will not be able to patch it themselves but have to wait for the manufacturer to update. In this situation, I think VNDirect will choose to isolate the partitions that they know have "zero day".
In phase 4, VNDirect announced that they will open all features, so at this point they may have narrowed down the area," the expert commented.
However, according to this person, we should not be subjective. Completely fixing the problem will even require replacing the entire system architecture, especially the backup system, which will still take a long time, possibly up to months.
The expert noted: "Customers need to be patient and cooperate so that VNDirect can focus on handling the situation."
Source link
Comment (0)