At the CIO CSO Summit 2023 conference on the morning of November 22 in Hanoi, Mr. Nguyen Son Hai, CEO of Viettel Cyber Security (VCS), said that businesses still often receive reports from the Information Security department that they are not affected. attack.
“However, many of them were attacked without even knowing it,” he said.
Citing a report from VCS Threat Intelligence – a system that collects information from many sources on the Internet, including public sources and underground communities, Mr. Hai said that tens of millions of user accounts and data records have been hacked. hacking or selling online. In addition, at least 300 GB of organizations’ data has been subjected to ransomware since the beginning of the year.
Mr. Nguyen Son Hai shared at the conference. Photo: Quynh Bui
Regarding financial fraud, VCS’s system also detected more than 5,800 impersonated domain names used to steal, take over accounts, and take money from users. In particular, all banks in Vietnam, five e-wallets and a number of manufacturing and retail businesses have all been impersonated.
Another form of attack, denial of service attack (DDoS), is also thriving. Statistics from the Anti-DDoS system show that there are more than 111,000 attacks with bandwidth greater than one Gbps, nearly 7,000 attacks with bandwidth greater than five Gbps. “With business transmission lines usually under one Gbps, these attacks cause service disruption because customers cannot access,” Mr. Hai said.
The report also shows that more than 9.7 thousand DDoS attacks took place with a duration greater than 15 minutes. In total, this form causes at least 2.4 million minutes of interruption to IT systems in Vietnam.
According to VCS representatives, DDoS or malicious code is still provided as a service. Thieves only need to spend about 20 USD to hire someone to attack a business. In addition, the trend of digital transformation brings all business activities to the Internet and bad actors are also shifting towards small and medium enterprises. At that time, Vietnamese businesses will have to deal with international cybercriminal organizations with a team of highly qualified hackers and professional organizations. Meanwhile, dealing with it can be difficult because the attacks are carried out instantaneously, cross borders and are difficult to trace.
Security experts call this “asymmetry in information security capacity”. In the context that domestic information security personnel are still lacking compared to demand, organizations in Vietnam are advised to find a solution by choosing a unit specializing in information security to accompany them, instead of just Buy single solutions and software.
At the conference, Mr. Tran Dang Khoa, Deputy Director in charge of Information Security – Ministry of Information and Communications, said that digital transformation brings many benefits to people and businesses, but there are also many risks. , security challenges.
According to him, businesses need to consider information security as a mandatory requirement, not a factor to choose from, especially for units providing online services to people. “If non-compliance, the organization must bear responsibility and risk before the law when an incident occurs,” he said.
Mr. Tran Dang Khoa spoke at the conference. Photo: Quynh Bui
The Department’s representative recommended that when implementing information security, businesses should pay attention to the balance between cost and efficiency, prioritize resolving potential or existing risks in the information system, and at the same time deploy both the system as a whole as well as each individual in the organization. In addition, he also recommends prioritizing the use of Make in Vietnam solutions because each market will have its own characteristics and risks.
Luu Quy
EN 
VI
Leave a Reply
You must be logged in to post a comment.