The National Cybersecurity Monitoring Center under the Authority of Information Security last April issued warnings and instructions on how to handle 498 cyberattacks to information systems in Vietnam that caused incidents, a 5.1 percent decrease compared with March and 46.9 percent decrease compared with the same period last year.

April was the second consecutive month in 2023 that saw the number of cyberattacks that caused incidents fall sharply. In March, the number of attacks to systems that caused incidents was 525 in March, down 68.9 percent compared with February 2023 and 49.3 percent compared with the same period last year.

As such, in the first four months of 2023, the total number of cyberattacks on systems in Vietnam that caused incidents was 3,944, lower than that of the same period last year.

Commenting about the decreases, security experts said agencies and institutions have attached more importance to ensuring cybersecurity, which has brought improvement after a period of improved investment and supervision.

However, according to the Ministry of Information and Communications (MIC), the cybersecurity of many agencies and organizations remains unsecured. The ministry is planning to intensify supervision over information security safety and scan and detect problems on Vietnam’s cyberspace.  

Long national holidays are the time when hackers intensify their attacks. According to Truong Duc Luong, president of VSEC, the company’s monitoring tools found that cyberattacks increase by 30-40 percent during holidays. The targets of cybercriminals are institutions and businesses related to financial services such as banks, securities and insurance.

The governing bodies of information systems need to check their systems to ensure strict compliance in accordance with regulations instructed by state agencies. At the same time, they need to work with professional partners in information security to detect vulnerabilities and keep information systems to prevent risks and respond in emergency cases.

“Organizations can upgrade protection capability for their information systems by developing internal protection staff, or hiring 24/7 monitoring service,” Luong said.

In general, institutions and enterprises are aware of the importance of applying technical solutions to ensure information security. The common problem is the weakness in supervising the compliance which creates vulnerabilities.

The other problem is that institutions seem to focus more on the risks from outside, but for large-scale institutions, internal problems also create cyberattack risks. Therefore, VSEC’s experts stressed that institutions also need to prevent internal risks as well.

Van Anh