Photo: Duc Anh
Inspection after July 29 hack reveals no further damage.
Vietnam Airlines confirmed on August 1 that it has completed a full inspection of its IT system and that normal operations have resumed after it was hacked on July 29.
The national flag carrier is also working closely with the Ministry of Public Security (MPS) and other relevant agencies to restore damaged programs involving hundreds of thousands of members of its Golden Lotus Program (GLP).
The attack occurred on July 29 when hackers changed the carrier’s website to include an announcement that it had been hacked and provided a link to download confidential data on its 400,000 GLP members.
An insulting message on Vietnam and the Philippines was also posted, referring to China’s claims to the East Sea. The name of the hacking group, 1937cn, appeared at the bottom of the page.
At Noi Bai International Airport in Hanoi and Tan Son Nhat International Airport in Ho Chi Minh City, screens displaying flight information also featured inaccurate information about the East Sea.
Sound systems were also commandeered at the airports, which were only noticed after a strange message was broadcast for four minutes. The public address systems were then shut down.
The incident led to the delay of more than 100 flights, including 64 from Tan Son Nhat and 30 from Noi Bai. Dozens of flights were delayed for between 15 minutes and more than one hour, according to the Civil Aviation Authority of Vietnam (CAAV).
The Chinese hacker group 1937cn dismissed accusations on July 30 that it launched a cyber-attack, according to a statement in Chinese posted on the group’s website.
“Things have now returned to normal,” Mr. Le Hoang Dung, spokesperson of Vietnam Airlines, said in a statement sent to VET on August 1. “We are now working closely with MPS and the Ministry of Information and Communications to improve the network.”
Deputy Minister of Transport Nguyen Nhat said on July 29 that the hackers had only gained access to the interface of the screens showing Vietnam Airlines’ flight information at Noi Bai and Tan Son Nhat, not the search or booking system. Flight control and security had not been affected.
At 5.30pm on July 29 the user interface on the Vietnam Airlines site returned to normal, but changes on the company’s sub-domain at http://glp.vietnamairlines.com/ remained until some time later.
1937cn is one of the most notorious hacker groups in China, launching over 40,000 attacks recently, according to the Chinese hacker ranking site hack-cn.com.
On July 12 an Arbitration Tribunal in The Hague ruled in favor of the Philippines, rejecting China’s sweeping claims to large swathes of the East Sea. China dismissed the ruling as a “farce”.
In June last year, amid territorial disputes in the East Sea, 1937cn attacked the website of the University of Santo Tomas’ Museum of Arts and Sciences in the Philippines, leaving similar provocative messages.