VNDirect yesterday successfully retrieved its key to decode the data and is on the way to restore its entire system in order to minimize disruptions in transactions. Normally, when under an attack, a company would have its backup system run. However, since both the main and backup systems of VNDirect could have been affected, it takes longer to amend the situation.
VNDirect has announced that its connections to other exchanges and investors will resume from tomorrow, which is not truly an unaccepted long time at all considering a huge amount of data to be recovered. This should be highly appreciated as a fierce determination of VNDirect.
Director Vo Duong Tu Diem of Kaspersky Vietnam shared that her organization has continuously delivered warnings to potential attacks on financial systems, which is why banks and related units should focus more on information security to minimize invasions of malicious factors to these sensitive systems.
Experts from the Vietnam Information Security Association commented that the VNDirect attack is considered a timely warning to organizations about the necessity to invest in IT systems and cyber security. It is time securities companies ensured cyber security to their system under the ‘4-level’ defense model as instructed by the Ministry of Information and Communications.
Further discussing the risks of cyberattacks into financial systems, General Director Yeo Siang Tiong of Kaspersky Southeast Asia shared that thanks to advanced financial technologies, banks now offer more connection portals, usually integrated with applications of their third parties. This method itself has become a wonderful chance for cyber criminals to destroy those sensitive systems more easily.
The technical report by the National Cyber Security Monitoring Center (NCSC) under the Information Security Authority reveals that during January and February 2024, the technical system of the Center repeatedly detected 71,877 and 76,507 information security weaknesses respectively in information systems of state agencies.
The Information Security Authority has just issued a warning about 6 severe information security vulnerabilities in Microsoft products, announced in March 2024. They are CVE-2024-21408 in Windows Hyper-V, CVE-2024-26198 in Microsoft Exchange Server, CVE-2024-21407 in Windows Hyper-V, CVE-2024-21334 in Open Management Infrastructure - OMI, CVE-2024-21426 in Microsoft SharePoint, and CVE-2024-21411 in Skype for Consumer.