Accordingly, the State Securities Commission requires securities companies to immediately implement the contents to ensure safe, stable, and smooth operations of the stock market, information technology systems, and continuous backup databases. according to the provisions of Clause 10, Article 89 of the Securities Law 2019; At the same time, immediately review and check security plans for information technology systems, especially stock trading systems and systems connected to the Internet to promptly fix security holes ( if any).
The SSC also requires securities companies to check online trading processes; risk control process; system and data backup procedures; management and operation processes of information technology systems; Develop measures to respond to and overcome potential security risks.
“In case of detecting signs of insecurity, we must be proactive and concentrate resources to handle and overcome; promptly report to the State Securities Commission, stock exchanges, and the Depository and Clearing Corporation. Vietnam securities company (for member securities companies) and functional agencies to coordinate direction and handling,” the representative of the State Securities Commission stated.
The State Securities Commission also requires companies that have suffered cyber attacks to take it seriously, urgently carry out and report the results of review, inspection, and remediation plans (if any) to the Commission and relevant units before January 1. 4.
Warning document of the State Securities Commission.
Previously, on March 25, VNDirect sent a written report on the problem of the online trading system to the State Securities Commission. Specifically: The incident occurred at 10:00 a.m. on March 24 at DC Fornix Duy Tan. The system has been attacked by an international hacker organization. The system was attacked by virtual infrastructure, resulting in the company’s entire trading platform being temporarily unable to log in.
The company confirmed that this incident interrupted trading activities, but did not affect the asset status of customers’ securities accounts. According to VNDirect, the impact on the market, customers, transaction systems and other related systems. Customers cannot log in to make online transactions. However, the company confirmed that no damage has occurred.
To fix the problem, on the morning of March 25, VNDirect coordinated with partners FPT and Viettel to handle, fix, and ensure the safety of all customer information and assets. Hanoi Stock Exchange (HNX) and Ho Chi Minh City Stock Exchange (HoSE) also temporarily disconnected VNDirect’s trading connection with HoSE from March 25 until this company completes the fix. problem.
According to cybersecurity experts, when a securities company is attacked, users may face the following risks: Transactions are interrupted, causing economic losses to investors; Personal information is leaked or leaked; Account password leaked or password changed. To find the full cause of a cyber attack will take 1 – 2 weeks or 1 month. In fact, the world has statistics on intrusion cases, the average resolution time takes 100 – 200 days. The system can be put back into operation sooner, but radical corrective measures still take a long time.
