A team of self-proclaimed Chinese hacker has compromised the announcement screen systems at many major airports in Vietnam, and hacked the website of the country’s national flag carrier, the Ministry of Transport confirmed on Friday.
On Friday afternoon, some flight information screens at both Noi Bai International Airport in Hanoi and Tan Son Nhat International Airport in Ho Chi Minh City have been compromised to display offensive messages toward Vietnam and the Philippines, along with distorted information about the East Vietnam Sea.
The Da Nang International Airport, the largest of its kind in central Vietnam, did not have the announcement system compromised, but the computer system experienced repeated glitches.
Deputy Minister of Transport Nguyen Nhat confirmed to Tuoi Tre (Youth) newspaper at 6:00pm that relevant authorities have stopped the hackers from attacking the systems at both airports.
Airlines at the terminals had to shut down some check-in counters and switched to manual procedure completion, which may lead to flight delays.
Competent agencies are looking into the incidents to identify their causes, deputy minister Nhat said.
As of 6:30 pm, many out of 21 airports across Vietnam have had to switch to complete check-in procedures for passengers manually, instead of using computers.
“All Internet systems have been switched off so we had to do everything by hands,” an airline attendant at Tan Son Nhat airport said.
A video posted on Facebook on Friday afternoon also shows the loudspeaker system at the same airport delivers an announcement in English, with the same offensive messages.
Some Vietnamese internet security experts also posted on their Facebook photos showing that the VIP passenger section on the website of Vietnam Airlines had also been hacked and defaced.
According to a screenshot, the hackers said they are China 1937CN Team, and the hacking is “a warning message” for Vietnam and the Philippines.
A Vietnam Airlines later confirmed that its website had been hacked, but did not know how long it had been under control of the hackers.
“We are trying to restore data and cannot comment at the moment whether the data has been leaked to outside sources,” the source said.
A source said data of some 411,000 passengers had been in the hand of the hackers.
As of 6:30 pm, the Vietnam Airlines website was fully restored to normal state.
An Internet security expert told Tuoi Tre the alleged Chinese hackers must have been able to penetrate deeply into the carrier’s system to be able to take control of the screen and loudspeaker systems.
The carrier said at 5:45 pm that it had isolated and taken back control over the compromised systems.
Many Vietnamese security agencies and companies have joined hands to help the airline.
Vietnam Airlines said it has deployed back-up plans to ensure safety and operations at airports.
Passengers queue up to check in manually at Noi Bai International Airport in Hanoi on July 29, 2016, as all computers and information boards have been switched off
The hacking came amid a string of recent actions by China to oppose an international court ruling against Beijing’s groundless claims in the East Vietnam Sea.
The July 12 ruling by the court in The Hague denied China's sweeping claims in the strategic seaway, through which more than $5 trillion in global trade passes each year.
"There was no legal basis for China to claim historic rights to resources within the sea areas falling within the [so-called] 'nine-dash line'," the court said.
The ruling is claimed as a victory by the Philippines, which explains why the messages left by the hackers target at both countries.
1937CN is the hacker group that has launched numerous attacks to Vietnam and the Philippines.
Only in the last two days of May last year, around 1,000 Vietnamese websites were attacked by those hackers,
Among the attacked websites were 15 government-run platforms, with the domain name of .gov.vn, and 50 education (.edu.vn) ones, according to WhiteHat, an online forum for Internet security enthusiasts run by Bkav.
Around 200 websites of the Philippines were also attacked in the same period, between May 30 and 31, 2015.
1937cn claimed responsibility for the attacks and made them public on their website, according to WhiteHat.