VietNamNet Bridge – Vietnam is now ranking fifth among the 10 countries, which are facing the highest risk, in the 2010’s reports about information security released by prestigious security firms, including McAfee, Kaspersky or CheckPoint.


The information has been released at the Information Security Day held in HCM City on November 18.

 

Vietnam ranks fifth, after China, Russia, India and the US in terms of the risk of Internet attacks. The other five countries include Germany, Malaysia, France, Ukraine and Spain.

 

The risk is increasing

 

Trinh Ngoc Minh, Deputy Chair of the Vietnam Information Security Association (Vnisa) said that the wave of information technology (IT) crimes has become stronger and crimes now tend to attack IT applications rather than information infrastructure. Hackers now tend to attack the credit information system. It has also happened that foreigners join forces with Vietnamese people to carry out Internet attacks on the service system (telecom networks, game or message systems) in order to appropriate their assets.

 

Vietnam is also among the top 15 countries which spreads most of malicious codes, just after the US and China in terms of “SQL Injection”.

 

Vnisa, which conducted a survey on 300 enterprises, has found t that 33 percent of enterprises said they discovered incidents of network security attack, a one percent decrease from 2009. However, 29 percent of enterprises said they do not know if their networks were attacked or not. Of the discovered network security indicidents, 27.5 percent of cases were attacked by Trojan or Rootkit, while 42 percent by a virus or worm. Most of the enterprises said that the percentage of the cases, where the purpose of earning illegal? profit has increased by three folds compared with 2009. 40 percent of enterprises said the biggest damages have been caused by viruses.

 

Investments still ineffective

 

Being aware of the risk of information security incidents, Vietnamese enterprises have increased their investments on information security, when 47 percent of enterprises said they increased investments in 2010 (the figure was 37 percent in 2009). However, it seems that the investments have not brought effects, as 2/3 of polled enterprises said they do not know and they do not have the procedures to react to Internet attacks

Minh said that many enterprises still do not understand the the seriousness of attacks on the information security system..

 

Pham Anh Tuan, Deputy General Director of Vietinbank, said that every enterprise needs to build up a procedure on information security and apply existing standards, such as ISO27000. Only after doing this, should enterprises think of making investment on infrastructure. “If the infrastructure is good, but the internal security procedure is bad, this is like building a house with no foundation,” he said.

 

Talking about the investments in information security, Jimmy Goh, Director ZyXEL Singapore, an expert in network solutions and Internet security, said that the investments by Vietnamese enterprises in information security solutions remain modest. The problem is that enterprises spend big money on the infrastructure systems, and they also have to spend money on their management and operation .

 

Source: Thoi bao Vi Tinh Saigon