67% of Vietnamese businesses do not understand supply chain attacks.

To raise user awareness of sophisticated attacks and scams on digital platforms, the Southern branch of VNISA held a workshop today, May 25th, titled "Risk Warning and Prevention of Online Fraud".

The program was attended by representatives from the Ho Chi Minh City Department of Information and Communications, government agencies, the VNPT Information Security Center, and cybersecurity experts from the National Cybersecurity Monitoring Center.

The topic of supply chain attacks was raised by security expert Nguyen Manh Luat in his presentation on "Three Cybersecurity Threats." Additionally, cybersecurity expert Ngo Minh Hieu also highlighted these three threats: ransomware (malware demanding ransom), supply chain attacks, and artificial intelligence (AI).

Regarding the supply chain attack aspect, Mr. Luat stated that the reality is that many Vietnamese businesses do not truly understand supply chains. A very common example of a supply chain issue used by many Vietnamese businesses is accounting software.

Therefore, the discovery of a single security vulnerability in a library used by popular software can affect millions, even billions, of computers. In Vietnam, the most well-known case is the fake Unikey download website, a prime example of a supply chain attack.

Discussing solutions for businesses, Mr. Luat suggested dividing the approach into two methods: short/medium-term and long-term. In the short-term approach, businesses need to regularly check and update security patches, back up data fully, implement multi-factor authentication, and establish systems for monitoring and preventing fraud.

In the long term, businesses need to raise awareness and improve the professional competence of their security teams and employees, while also consulting with knowledgeable experts and investing appropriately in systems to mitigate risks from cyberattacks.