Ensure the safety and stability of the VNDIRECT system when it resumes operation.
The cyber attack on the VNDIRECT system on March 24 disrupted the operations of this securities company as well as its partners and investors. In recent days, in parallel with the urgent implementation of solutions to overcome the incident, based on the assessment of the actual situation, VNDIRECT has announced a roadmap to gradually put its systems, products and utilities back into operation.
On March 27, VNDIRECT reopened the My Account account lookup system, allowing customers to change passwords and check balances. Then, at 9:00 p.m. on March 28, the company successfully completed the transaction flow in a simulated environment. The procedures to officially reconnect transactions with the Hanoi and Ho Chi Minh City Stock Exchanges are being completed. VNDIRECT expects the system to be operational again from April 1.
The latest information from VNDIRECT said that immediately after the cyber attack was discovered, the company received support for handling and overcoming the incident from the authorities including the National Cyber Security Center of the A05 Department ( Ministry of Public Security ), 2 centers VNCERT/CC and NCSC of the Information Security Department (Ministry of Information and Communications) and a team of experienced experts from large information security and cyber security enterprises in Vietnam.
Speaking to VietNamNet on the afternoon of March 29, Mr. Tran Quang Hung, Deputy Director of the Department of Information Security (Ministry of Information and Communications), one of the experts who has been accompanying the VNDIRECT team, said: "At present, the VNDIRECT system has been basically restored and is in the final review steps to resume operations, allowing investors to return to participate in the market."
During the recovery process, the units coordinated very carefully, closely following the progress to ensure the system operates safely and stably when it returns, while strengthening information security to avoid similar incidents that may occur. "The Department of Information Security will work with the A05 Department to conduct an assessment of network safety and security before the system is officially put into operation," said Mr. Tran Quang Hung.
Important lessons for many organizations and businesses in Vietnam
Deputy Director of the Department of Information Security Tran Quang Hung said that the ransomware attack that the VNDIRECT system had to endure is not a new form of cyber attack, but has become quite popular in recent years. Financial and securities organizations are always one of the top targets of hackers.
In fact, many financial giants in the world have also been attacked by ransomware, causing long-term disruptions. Ransomware attacks are considered a common problem for organizations and businesses around the world, especially financial institutions. This problem has posed an urgent need to strengthen security and protect information safety in financial systems.
Experts from the Department of Information Security commented that the attack on the VNDIRECT system continues to be an important lesson for organizations and businesses in raising awareness of network safety and security. Based on a clear understanding of the risks, businesses and organizations operating in the financial and securities sectors need to urgently and proactively review and strengthen their existing systems and security personnel, and develop response plans when incidents occur.
“Financial and securities companies and organizations also need to strictly comply with the regulations and guidelines on information security and network security that have been issued. This is the responsibility of each organization to protect itself and its customers from potential cyber attacks,” the expert from the Information Security Department emphasized.
The representative of the Information Security Department hopes that the information security incident of VNDIRECT will only cause temporary damage to businesses and the stock market; in the long term, this "accident" will help improve the information security capacity of VNDIRECT and other organizations and financial institutions in Vietnam. From there, businesses and organizations can develop sustainably in the digital age, facing the trend of cyber attacks increasing in both scale and sophistication and complexity.
With reasonable, adequate and necessary investment in network safety and security, information systems of enterprises and organizations in Vietnam will be more secure, thereby contributing to creating a healthy environment, helping investors feel secure to participate in the market.
In the face of many rumors about the incident at VNDIRECT, Deputy Director of the Department of Information Security Tran Quang Hung affirmed: The authorities are still investigating, analyzing the incident and restoring the system in the most stable and safe way.
“Organizations and businesses should consider this period as an opportunity to review, evaluate, and “reinforce” their entire system to improve their ability to proactively respond to and detect cyber-attack risks early. The functional units of the Ministry of Public Security, the Ministry of Information and Communications, and the Vietnamese network security and safety business force are always ready to accompany and coordinate,” the representative of the Information Security Department recommended.
Opportunity to change information security awareness from the incident of VNDIRECT being attacked
VNDIRECT recommends that investors change their password immediately after logging into the system.
Evaluate the safety of the system serving online securities transactions before April 15
Source
Comment (0)