According to the Authority of Information Security (AIS) under the Ministry of Information and Communications (MIC), Decree 147 on the management and use of the Internet and online information, and Decree 137 on electronic transactions by state agencies and information systems serving electronic transactions, are important legal documents related to information security.

With Decree 137, for the first time, the concept of ‘network trust’ and ‘network trust evaluation criteria’ are clarified in a government document. Accordingly, network trust is a certification that shows that information systems serving electronic transactions meet regulatory criteria.

The network trust criteria for information systems serving electronic transactions include compliance with legal regulations on information security assurance at a designated level; and commitment to collecting and storing personal data only with user’s consent, except as otherwise provided by law.

Users’ data, from access devices to electronic information sites, must be encrypted using secure algorithms provided by a trusted third party. The domain names and server addresses of electronic information sites must not be found in the list of sites that MIC recommends no access. The list is published at tinnhiemmang.gov.vn.

To be granted a network trust certification, information systems serving electronic transactions must meet other requirements such as ensuring that the electronic information sites do not contain harmful links, malware, or fraudulent information that violates the law and could harm users.

Administrators of information systems serving electronic transactions are encouraged to research, evaluate, and publicly declare that their systems meet the network trust criteria.

“With these new regulations, when citizens visit the websites of agencies or organizations and see the network trust labels, they can be sure that the systems have been verified. This allows citizens to identify fake websites from real, authenticated ones,” AIS explained.

According to the National Cyber Security Monitoring Center (NCSC), by the end of October 2024, AIS had evaluated and granted network trust certifications to 5,942 information systems serving electronic transactions owned by agencies and organizations.

In October alone, NCSC identified 49 fraudulent websites forging legitimate brands of agencies and organizations.

By the end of October 2024, the number of fake websites listed in the online fraud prevention database had increased to 125,448.

These fake websites were created and used by groups or individuals to swindle citizens online, causing harm and negatively affecting the reputation and branding of the agencies and organizations.

The national cyberspace security monitoring system has handled over 10.5 billion entries and successfully blocked more than 14,552 harmful websites, including nearly 3,300 fraudulent websites, protecting over 11.32 million users.

Trong Dat