State agencies' websites most vulnerable to cyberattacks
Viet Nam reports an average of 26 cyberattacks per day, with governmental agencies, banks and e-commerce websites the most vulnerable.
Illustrative image (Photo: VNA) |
Deputy Minister of Information and Communications Nguyen Thanh Hung unveiled the data at a cyberattack drill for northern provinces hosted by the Viet Nam Computer Emergency Response Team (VNCERT) in Ha Noi on December 24.
The drill drew the participation of 300 attendants, including about 150 IT technicians and officials from State agencies, banks and enterprises.
Hung said that the government was focusing resources into building a functional e-government, with the websites or electronic portals being a fundamental part to connect authorities with people and businesses.
So far, 17 of 23 ministries and all 63 provinces and cities of Viet Nam have launched their own websites.
From October 20 to November, 17, 744 cyberattacks were reported to VNCERT including 428 malware attacks, 254 phishing scams and 62 website defacement attacks. Viet Nam’s websites, especially those belonging to State agencies, have thousands of security holes, which could allow hackers to gain unauthorised access and interfere with operations and data.
The systems’ low security sophistication can lead to breaches of information related to servers, services, domains or email lists. Failures to update security patches also allow hackers to exploit vulnerabilities and let the number of holes remain high.
"Information security is quite similar to healthcare sector, in developing countries, the focus is primarily on treating the diseases while the developed countries pay a lot of attention to preventive measures," Hung said, urging State agencies to focus more on protection against attacks rather than how to deal with incidents and breaches when they already occur.
Nguyen Trong Duong, Deputy Director of the Authority of Information Security, said the Government should have invested in training the IT labour force and upgraded technology and innovation.
This year's drill focused on websites’ attack prevention and control. Participants were divided into 30 teams and each managed an independent network of servers running on cloud software. Stimulated attacks were carried out in different ways, forcing teams to be flexible in making responses.
Teams were required to perform quick situation analysis, investigation and come up with solutions to resist the attacks, protecting systems, making patches and mitigating further incidents.
A similar event for southern provinces is scheduled to be held in Vinh Long province on December 26.
(Source: VNA)