The cyber attack on the VNDIRECT system, a company in the top 3 of the Vietnamese stock market, which occurred on the morning of March 24 has been basically resolved. The incident disrupted the operations of this securities company as well as its partners and investors.
In recent days, in parallel with urgently implementing solutions to overcome the problem, based on the assessment of the actual situation, VNDIRECT has announced a roadmap to gradually put its systems, products and utilities back into operation.
The cyber attack on VNDIRECT system caused great damage to the reputation, data, and network security of businesses and users.
“Wake-up call” on proactive defense against cyber attacks
On March 27, VNDIRECT reopened the My Account account lookup system, allowing customers to change their passwords and check their balances. Then, at 9:00 p.m. on March 28, the company successfully completed the transaction flow in a simulated environment. The procedures to officially reconnect transactions with the Hanoi and Ho Chi Minh City Stock Exchanges are being completed. VNDIRECT expects the system to resume operations from April 1.
However, experts say that scanning for vulnerabilities and thoroughly fixing the problem is still a long way off. Ransomware (data encryption attack) is not a new form of cyber attack but is very complex, requiring a lot of time to clean up data, completely restore the system, and bring back normal operations.
“To completely overcome a ransomware attack, sometimes the operating unit has to change the system architecture, especially the backup system. Therefore, with the incident that VNDIRECT is facing, we think it will take more time, even months, for the system to fully recover,” said NCS Technical Director Vu Ngoc Son.
According to Mr. Ha Minh Vu, a cybersecurity expert at VSEC Company, depending on the severity of the attack, the ability to prepare in advance and the effectiveness of the response plan, the time required to recover the system after a ransomware attack can vary greatly, from a few hours to weeks or months to fully recover, especially in cases where a large amount of data needs to be recovered.
Experts also commented that, in addition to being a "wake-up call" for the units managing and operating important information systems in Vietnam, the cyber attack on VNDIRECT also once again showed the danger level of ransomware.
More than 6 years ago, WannaCry and its variants of data encryption malware caused many businesses and organizations to "struggle" when they quickly spread to more than 300,000 computers in nearly 100 countries and territories around the world, including Vietnam.
Ransomware attacks cause serious consequences when they affect the entire data system. (Illustration: KT)
VNDIRECT system safety assessment before operation
Currently, there are many rumors and different assertions about the incident on the internet, even many false information. However, the authorities are still investigating, analyzing the incident and restoring the system in the most stable and secure way.
Informing the press, Mr. Tran Quang Hung, Deputy Director of the Department of Information Security, Ministry of Information and Communications (MIC) said that as soon as the incident was detected, the functional units of the National Cyber Security Center of the Department A05 (Ministry of Public Security), the Vietnam Cyberspace Emergency Response Center (VNCERT), the NCSC of the Department of Information Security (MIC) together with experts from major cybersecurity companies in Vietnam joined hands to handle the incident, review and restore the system.
Up to now, the VNDirect system has been basically restored and is in the final review steps to bring the system back to the market.
“During the recovery process, the units will coordinate carefully and closely follow the progress to ensure the system operates safely and stably when it returns, while strengthening information security to avoid similar incidents that may occur. The Information Security Department together with the A05 Department will conduct an assessment of network safety and security before the system is officially put into operation,” said Mr. Hung.
Ransomware attacks on VNDirect systems are not a new form of cyber attack but have become quite popular in recent years. Financial and securities organizations are always one of the top targets of hackers.
According to the Deputy Director of the Information Security Department, many financial giants in the world have also been attacked by hackers, causing long-term disruptions. It can be said that this is considered a common problem for financial institutions worldwide, posing the problem of enhancing security and protecting information security in the financial system.
Mr. Hung said that this incident is an important lesson to raise the general awareness of network safety and security of organizations in Vietnam. Therefore, financial and securities organizations also need to urgently and proactively review and strengthen their existing systems and security personnel, and develop incident response plans. At the same time, they also need to strictly comply with the regulations and instructions on information security and network security that have been issued. This is also the responsibility of each organization to protect itself and its customers from potential cyber-attack risks.
“We hope that the VNDirect incident only causes temporary damage to businesses and the stock market in general. But in the long term, this “accident” will help improve the information security capacity of VNDirect in particular and financial organizations and institutions in Vietnam, so that businesses can develop sustainably in the face of the increasing trend of scale and sophistication of cyber attacks. With reasonable, adequate and necessary investment in network safety and security, systems will be more secure. Contributing to creating a healthy environment for investors to feel secure,” Mr. Tran Quang Hung emphasized.
Source
Comment (0)