38.jpg
Monitoring a cyber-attack at a center for information security in Ho Chi Minh City. (Photo: SGGP)


Recently, there have been various cyberattacks under the form of ransomware into large corporations in Vietnam like VNDIRECT, VPOil, greatly worrying other businesses as well as functional agencies.

Director Le Xuan Thuy of the National Center for Cyber Security (under the Department of Cybersecurity and High-Tech Crime Prevention (A05) – the Ministry of Public Security) commented that there might be spies in critical organizations. These criminals, some of whom are even more professional than full-time employees, have hidden for a long time to secretly monitor daily operations of those organizations to prepare for their final attack and steal money.

Deputy Director Pham Thai Son of NCSC (under the Authority of Information Security – the Ministry of Information and Communications) confirmed that after the waiting time, these spies can carry out a cyberattack and create a severe impact to the victim organization.

Statistics from the Authority of Information Security reveal that since the beginning of this year, there have been more than 13,750 cyberattacks into information systems in Vietnam.

Vice Chairman Nguyen Ba Diep of the Vietnam Information Security Association (VNISA) – Southern Branch stated that maintaining information security is an important long-term battle that requires much investment. To save the cost on this issue, businesses and organizations should not wait until an incident happens to deal with it. Instead, they should better cooperate with professional units of the State.

Experts in the field agreed with this proposal, saying that businesses and organizations usually pour 80 percent of the money into coping with already-happened incidents, not to monitoring and prevention tasks. Ransomware, in particular, must be prevented rather than dealt with, which might cause more trouble and harmful effects. NCSC should provide overall monitoring to deliver timely alerts to the community and businesses.

“The level of investment and compliance with information security laws of agencies, organizations, and businesses are disproportional. Some even hide certain information when under cyberattack. Recent ransomware attacks into a number of Vietnamese enterprises show that the system to store and manage user data of an organization is as vital as those of state units and should be carefully protected”, said Tran Nguyen Chung, Head of the Information System Security Division (under the Authority of Information Security).

Digital transformation means digitizing more critical data in information systems, making them a lucrative prey to cybercriminals. Hence, strictly observing security maintenance methods is necessary to avoid potential risks in cyberspace and increase the trust of the public toward an organization.

Prime Minister Pham Minh Chinh issued Dispatch No.33/CD-TTg on April 7, 2024 asking related ministries and state agencies, local authorities with more cyberattacks to seriously adopt Decision No.05/2017/QD-TTg (released on March 16, 2017), Directive No.18/CT-TTg (released October 13, 2022) by the Prime Minister, and Circular No.20/2017/TT-BTTTT (released on September 12, 2017) by the Ministry of Information and Communications.

Those legal documents are about timely reporting cyber incidents to the higher management level or special task forces for emergency response as well as national inspection units. The victims are asked to follow instructions of national coordinating agencies and relevant functional units when collecting information and handling those incidents. All damages must be fully reported to the national coordinating agency.

VNISA has already delivered warnings on ransomware attack trends to all organizations, businesses, and state agencies, particularly VNISA members and partners. The gradually increasing dependence on digital data and the Internet has made both individuals and organizations more vulnerable to cyberattacks, including ransomware ones.

The danger of this cunning attack method lies in not only its ability to encrypt data, spread quickly, and ask for ransom, but also its chance to establish a financial transaction channel through which hackers can gain illicit profits. Ransomware attacks have been one of the toughest challenge to cyber security right now, and thus VNISA proposes more investment in monitoring solutions to timely detect any abnormal signs.

The National Center for Cyber Security under A05 shared that the community has only paid more attention to cyber security recently after several serious attacks that cause huge damages. However, there are still a lot of outdated information security systems, becoming a fertile land for criminals to gain illegal profit.

With quite low costs, organizations and businesses can frequently check and monitor their own information systems. Hence, A05 has sent recommendations of necessary activities (managing current accounts, updating software, improving technological infrastructure) to boost the cyber security level of units in need in order to avoid ransomware attacks.

SGGP