It’s business as usual at Vietnam’s airports as the national police begin their investigation into last week's cyber attack.
Last Friday, Chinese hacker collective 1937CN allegedly wreaked havoc on Vietnam’s airports and took control of the Vietnam Airlines website. Hanoi’s Noi Bai International Airport and Saigon’s Tan Son Nhat International Airport were the hardest-hit while airports in Da Nang and Phu Quoc also suffered similar disturbances, reports Tuoi Tre.
The hackers took over the airports’ advertising screens, displaying “distorted information” about the East Sea and insulting Vietnam and the Philippines. The PA systems were also hijacked, blasting “eerie shrieks” for at least four minutes before being turned off, according to Facebook user Nghiem Danh Hao.
However, according to Deputy Minister of Transport Nguyen Nhat, the airports’ search engines and ticket-booking systems were intact, as were the security and flight operation systems, reports Thanh Nien. Nonetheless, thousands of commuters were stranded and flights delayed as airline personnel had to switch to manual check-in procedures.
Vietnam Airlines’ website was also targeted. Hackers defaced the homepage with pro-China messages and leaked the personal information of more than 400,000 members of the airline’s frequent flyer program, Lotusmiles. On the same day, Vietnam Football Federation’s website was breached as well, though it remains unclear whether this attack was related.
The Ministry of Public Security has since launched a probe into the incident, deploying its economic security and internet security units, known respectively as A85 and A68, to look into the attack. The investigation has also involved the Northern Airports Authority and Southern Airports Authority, reports Tuoi Tre.
A team of internet security experts under the ministry joined the Authority of Information Security, Vietnam's Computer Emergency Response Team and telecommunication companies such as FPT and Viettel in assisting Vietnam Airlines with the incident. The airline’s website was back to normal as of 5:10pm on the same day and is being closely monitored.
Regarding the breach of Lotusmiles members’ information, Vietnam Airlines said it has regained control of this data and will implement measures to rectify the issue. However, members were cautioned to change their passwords as soon as possible and opt for tighter security preferences such as two-step authentication.
Following the attack, 1937CN neither acknowledged nor denied media reports attributing the attack to them, a bewildering move given the group’s name and the disclaimer “hacked by 1937CN team” were featured prominently on the hijacked screens.
"1937CN is a non-government organization. We do not want to be a victim of the politics,” 1937CN team founder Liu Yongfa told Global Times. "At a time when the definition of a cyber crime remains vague in China, our team will start a cyber war to defend the country and the people when their sovereignty and rights are violated by foreign countries.”
[Photo via Zing]