VietNamNet Bridge – The Ministry of Natural Resources and the Environment (MONRE) has denied assertions that its database on the East Sea was stolen by hackers.
Mr. Nguyen Huu Chinh.
Security experts two days ago discovered an intentional cyber attack against MONRE, warning that top confidential documents may have been stolen by the attackers.
According to the experts, MONRE’s officers received emails in their personal email accounts with attached files, Microsoft Word documents laced with malware. The webmail accounts of the officers did not allow them to use a “preview” feature to safely view the documents, so some officers downloaded the files to their work computers. Upon opening the documents, the computers became infected.
Nguyen Huu Chinh, director of the Information Technology Agency, has confirmed that the ministry’s information system suffered a cyber attack, but denied that confidential documents were taken.
“We did not lose the East Sea database as reported by some online newspapers, which quoted some security experts,” he said.
Chinh insisted that the hackers could not have stolen information from the latest attack, because the infected personal computers were only used for exchanging daily information. Important and confidential data are stored on other systems, which the infected computers were not authorized to connect to.
As soon as MONRE was informed of the attack, its workers immediately scanned theservers that store important data and were relieved to find that there were no major problems. Only one server was found to be infected with spyware, and the problem was fixed.
After analyzing the tracks of the spyware, the agency’s experts found that the server from which it originated is located in the US, not in China as initially thought. However, Chinh admitted that this does not mean that the hackers were from the US. It is possible that the hackers, who could be anywhere in the world, leased a domain name and server in the US to conduct the attack and steal information.
The attack against MONRE’s information systems has once again given security experts more reason to criticize state management agencies for their lax attention to security measures. In the MONRE case, hackers used a familiar method of attack which could have easily been prevented.
Chinh declined to respond directly to the criticism, but said that MONRE always requires its officers to follow strict security procedures set by the experts.
The senior official revealed that another attack on the ministry’s system occurred three weeks ago.
The ministry spends VND100 billion per year on its information technology system development, including the security measures.
TBKTSG