Cyberattacks on Vietnam airports were
well-planned: association
Passengers are seen at the Vietnam Airlines check-in
counters at Noi Bai International Airport in Hanoi on July 29, 2016.
The cyberattacks on two major airports and the website of
Vietnam Airlines last week were well planned and sophisticated, stemming from
recent economic and political issues, a Vietnamese security association said
on Monday.
On
Friday afternoon, flight information and loudspeaker systems at international
airports Noi Bai in Hanoi and Tan Son Nhat in Ho Chi Minh City were
compromised, displaying offensive messages about Vietnam and the Philippines.
At
the same time, the VIP membership databases of national carrier Vietnam Airlines
was also stolen and leaked online.
The
Chinese hacker group 1937cn is believed to be responsible for the attacks.
The
hacking came amid a string of recent actions by China to oppose an
international court ruling against Beijing’s groundless claims in the East
Vietnam Sea.
The July 12 ruling by the Permanent Court of Arbitration in The Hague denied China's sweeping claims in the strategic seaway, through which more than US$5 trillion in global trade passes each year. "There was no legal basis for China to claim historic rights to resources within the sea areas falling within the [so-called] 'nine-dash line'," the court said. The ruling is claimed as a victory by the Philippines, which explains why the messages left by the hackers target at both countries, as Vietnam is also at odds with China over the maritime region.
“At
this time we can confirm that the cyberattack on Vietnam Airlines’ system is
an advanced and persistent threat, which was deliberate, well-planned and
began long before Friday,” the Vietnam Information Security Association
(VNISA) said in a statement on Monday.
An
advanced and persistent threat, or APT, is a network attack in which an
unauthorized person gains access to a network and stays there undetected for
a long period of time.
The
intention of an APT attack is to steal data rather than causing damage to the
network or organization.
Hackers
usually employ a set of continuous computer hacking processes to launch an
APT, usually targeting organizations or nations for business or political
motives.
In
the case of Vietnam Airlines, VNISA said there are signs showing that hackers
may have penetrated the airline’s system as early as mid-2014.
“However,
for the July 29 attack, the hackers used a brand new type of malware able to
pass normal security tools, such as antivirus software,” the association
said.
VNISA
added that “traces of the hack do not provide enough evidence to identify who
exactly the attackers are.”
“What
we can say is that they have extensive knowledge of the ICT systems at the
airports, including how the systems are structured and how the relevant
pieces of equipment work,” the association said.
“And
their goal is to take full control of the systems and neutralize all
databases.”
VNISA
is still working with other Internet security agencies to restore the
affected systems and prepare defenses to avoid futher attacks.
Vietnam
Airlines said its IT system had been thoroughly checked and returned to
normal operation as of 6:00 pm on Monday.
Tuoitrenews
|
Thứ Ba, 2 tháng 8, 2016
Đăng ký:
Đăng Nhận xét (Atom)
Không có nhận xét nào:
Đăng nhận xét