Information technology (IT) based services of the Vietnamese banking system were operating normally and still secure, the State Bank of Vietnam (SBV) stated in a recent press release.
The April 10 announcement was made after Vietnamese security platform HVA Online earlier called on e-banking and payment portal users to temporarily avoid making online transactions because of a bug called OpenSSL Heartbleed. Platform experts warned that some 15 payment websites in the country had been attacked.
The bug, detected by Google researchers and security firm, Codenomicon, is believed to create a serious vulnerability in the popular OpenSSL cryptographic software library, thereby allowing hackers to steal information protected by SSL/TLS encryption, which is used to secure Internet traffic.
The SBV noted that it immediately asked credit institutions nationwide to check their IT systems and received confirmation on their safety. Banks have also completed updating a patched version of OpenSSL.
Besides the SSL encryption, banks also protect transactions by deploying many other solutions, such as public-key infrastructure (PKI) and one-time password (OTP), according to the central bank.
"Hackers may exploit the OpenSSL Heartbleed bug, but they won't be able to infiltrate the banks' IT security systems," it claimed.-VNA
The April 10 announcement was made after Vietnamese security platform HVA Online earlier called on e-banking and payment portal users to temporarily avoid making online transactions because of a bug called OpenSSL Heartbleed. Platform experts warned that some 15 payment websites in the country had been attacked.
The bug, detected by Google researchers and security firm, Codenomicon, is believed to create a serious vulnerability in the popular OpenSSL cryptographic software library, thereby allowing hackers to steal information protected by SSL/TLS encryption, which is used to secure Internet traffic.
The SBV noted that it immediately asked credit institutions nationwide to check their IT systems and received confirmation on their safety. Banks have also completed updating a patched version of OpenSSL.
Besides the SSL encryption, banks also protect transactions by deploying many other solutions, such as public-key infrastructure (PKI) and one-time password (OTP), according to the central bank.
"Hackers may exploit the OpenSSL Heartbleed bug, but they won't be able to infiltrate the banks' IT security systems," it claimed.-VNA