VNDirect "falls" - Information security is vital

VNDirect's anti-attack barrier "fell"

As of this afternoon (March 25), after more than 30 hours since being "attacked by an international organization", the trading platform and website of VNDirect Joint Stock Company are inaccessible. This means that the accounts of securities investors at VNDirect - the 3rd securities company in the top brokerage market share, which conducted 7.01% of transactions on the Ho Chi Minh City Stock Exchange in 2023, were completely "frozen" during the entire trading session at the beginning of the week.

VNDirect said that the trading system was attacked from 10:00 a.m. on Sunday, March 24, 2024. "VNDirect's entire system was attacked by an international organization. VNDirect's technology team has made every effort to restore it, but due to the large data infrastructure, it will take more time to connect," the official information released on the morning of March 25 said.

Attacks on financial institutions and stock exchanges are no longer uncommon around the world. Typically, in 2012, six major US banks were simultaneously hit by a Distributed Denial of Service (DDoS) attack, leaving their customers unable to access their websites or conduct online transactions. In 2013, the world stock market also witnessed the Nasdaq stock exchange paralyzed for 3 hours due to a DDoS attack.

In Vietnam, new statistics from Kaspersky Security Network (KSN) show that the number of online attacks in Vietnam detected and prevented by Kaspersky in 2023 was 29,625,939, down 29% compared to last year (41,989,163 in 2022). The percentage of Vietnamese users infected with web threats during this period was recorded at 34%, thereby placing Vietnam in 67th place worldwide in terms of the level of danger related to web surfing.

Particularly in the securities sector, from July 23 to July 29, 2020, VPS's system (network/electronic transactions) was continuously attacked by DDoS with the strongest attacks occurring from 9:00 to 11:00 on July 23 and from 13:05 to 14:00 on July 29, causing VPS's electronic transaction system to be congested and VPS customers to have difficulty and sometimes even be unable to log into the system to trade.

Compared to the attack that occurred at VPS nearly 3 years ago, the attack that occurred at VNDirect is more serious.

According to a technology expert's analysis, the complete system shutdown and long service recovery time raise questions about the possibility that hackers have penetrated quite deeply into the system.

According to this expert, it usually takes 1 to 2 weeks to find the full cause of a cyber attack. Administrators and experts will have to follow each trace to reconstruct the entire attack, thereby finding vulnerabilities and having plans to prevent it in the future. In addition, there are usually 3 risks when a securities company is attacked, including interrupted transactions, causing economic damage to investors, personal information being leaked, and account passwords being leaked or passwords being changed.

At present, VNDirect affirms that all customer information and assets are guaranteed to be safe and unaffected. The incident only affects transactions.

Vital factors need to be protected early

Sharing with readers of Dau Tu Newspaper at the Talkshow "Technology 'transforms' customer experience" held earlier this year, "very terrible" is how Mr. Nguyen Phuc Nguyen, Director of Information Technology, Bao Viet Securities Company (BVSC) talked about the consequences if an attack occurs on the systems of securities companies.

“In the securities industry, security is a “vital” factor. Securities companies have real-time data and instant transactions, so the consequences of an attack will be terrible. Therefore, from the beginning of providing online services, service providers must build anti-attack barriers and security barriers,” Mr. Nguyen emphasized.

Not only in the securities sector, investment in security and safety in the banking and finance sector is a major investment for organizations. Mr. Luong Tuan Thanh, Director of Technology and Digital Transformation at OCB Bank, said that the defense system at OCB currently consists of 3 layers: protecting customer data, protecting the bank's system, as well as protecting daily operations in the bank or the financial sector.

“A highly appreciated idea of ​​people's security is “zero trust”. This means that even in the banking system, the systems that build information security protection systems do not trust anyone, including bank employees and IT operators, so that when operating, safety and security can be ensured”.

According to Mr. Thanh, major attacks and cyber security attacks are all aimed at specific areas, so in the banking sector, banks also share risks and inter-bank attacks to support each other in defense. The banking system mainly uses data-related systems, monitors unusual behaviors and transactions, or monitors abnormalities in the system to have early defenses and automate the defense work. When an attack is detected, it is too late. That is the reason for defense and automatic preparation to ensure safety.

Regarding the incident at VNDirect, this securities company is currently working with partners who are leading technology corporations in Vietnam, as well as coordinating with the Department of Cyber ​​Security and High-Tech Crime Prevention (PA05), the Department of Cyber ​​Security and High-Tech Crime Prevention (A05) to ensure prevention of similar incidents to VNDirect for market safety.

In addition to building an anti-attack barrier and sharing to support each other in defense, in the current network environment, financial institutions also need to focus on supporting customers. As with the securities sector, Mr. Nguyen Phuc Nguyen emphasized the need to help customers protect themselves better through many forms such as product design, transaction forms as well as communication with customers...

Sometimes, just by clicking on a link, a customer's password can be stolen quickly. Even in the securities industry, the attack is sometimes as simple as the person behind the scenes buying a stock code without having to transfer money... These are all real risks to customers.