This alarming trend was underscored by Mr. Nguyen Gia Duc, Country Director of Fortinet Vietnam, during the Fortinet Accelerate Vietnam 2024 held recently in Hanoi.

Fortinet's FortiGuard Labs conducted extensive research indicating a 43% increase in the exploitation rate of vulnerabilities during the latter half of last year compared to the first half of 2023. This surge in cyber attacks emphasizes the critical need for software vendors to swiftly detect vulnerabilities internally and release patches before malicious actors can exploit them, thereby mitigating the risks associated with Zero-Day vulnerabilities.

Duc emphasized the importance of transparency from vendors in promptly disclosing vulnerabilities to customer organizations. This transparency ensures that organizations have the necessary information to secure their assets effectively against potential cyber threats.

In response to these threats, Duc advised organizations to regularly review and evaluate their information security systems. Timely application of patches provided by vendors is crucial to reducing the exposure to newly identified vulnerabilities.

In Vietnam, the Department of Information Security under the Ministry of Information and Communications plays a crucial role in overseeing network information security. The department's proactive measures include regular assessments and vulnerability detection across information systems of agencies, organizations, and enterprises. It issues warnings and mandates the prompt remediation of identified vulnerabilities in accordance with legal regulations.

During a workshop on the sideline of the Vietnam Security Summit 2024, the Ministry of Information and Communications stressed the importance of proactive measures to enhance cybersecurity. These measures include continuous threat hunting to swiftly detect signs of system intrusion, timely patching of vulnerabilities, and leveraging national information security platforms for support.

Recent data from the National Cyber Security Monitoring Center (NCSC) revealed concerning statistics. In May 2024 alone, over 89,000 vulnerabilities were detected in servers, workstations, and information systems of state agencies and organizations. Additionally, more than 1,600 vulnerabilities were identified on 5,000 publicly accessible systems via the Internet.

Among the newly identified vulnerabilities, CVE-2024-4671 was highlighted due to its potential serious impact on various products used by agencies, organizations, and businesses. The Department of Information Security urged comprehensive inspections and reviews of systems to identify affected products and implement necessary remedial actions promptly.

Van Anh