Ready resources

After the recent cyber attacks, the Prime Minister issued a Directive on improving information security (IT). “Ministries, branches, localities, enterprises, and units must thoroughly understand this directive. The Department of IT Security shall immediately issue instructions for implementation, paying special attention to the system's resilience and recovery capabilities because it is difficult to avoid attacks, the most important thing is the ability to recover. Therefore, investment in digital transformation and information technology must always be accompanied by configurations for network safety and security, and with a cost of at least 10%,” Minister of Information and Communications Nguyen Manh Hung immediately directed.

The Minister requested the Information Security Department to quickly invest in upgrading the system for the National Cyber ​​Security Monitoring Center to be updated, modern, with the latest technology and as a national model system. The Center has two important functions: monitoring information in cyberspace, protecting the regime, and monitoring cyber attacks, providing support when attacked, and protecting the Fatherland in cyberspace.

Binh Phuoc Cyber ​​Security Operations Center (SOC). Photo: Ministry of Information and Communications

According to cyber security experts, hackers often attack at the most unexpected and least noticed times. Therefore, during the April 30 - May 1 holiday, the risk of being attacked is quite real. Therefore, the Ministry of Information and Communications has requested agencies, organizations and businesses to strengthen the implementation of network security for information systems under their management.

Specifically, agencies, organizations and enterprises need to consolidate and prioritize resources and human resources for 24/7 on-call and monitoring tasks; proactively and continuously monitor centralized information security monitoring systems and centralized malware prevention systems to ensure timely detection, handling and remediation of cyber attacks and verified malware warnings.

Units regularly monitor, receive and handle information security warnings via the National Cyber ​​Security Incident Coordination Platform - IRlab.vn provided by the Ministry. Along with that, agencies, organizations and businesses must be ready to deploy response plans, handle cyber attacks and quickly restore normal operations of information systems in case of incidents.

Particularly for enterprises providing telecommunications and Internet services and organizations and enterprises providing digital infrastructure and digital platforms, during major holidays, it is necessary to increase human resources, assign personnel to monitor, support and troubleshoot to ensure safe and smooth telecommunications and Internet infrastructure.

Quick review

Recently, the Department of Cyber ​​Security and High-Tech Crime Prevention (A05, Ministry of Public Security ) and the Ministry of Health inspected and evaluated units in the medical sector. The results showed that 13 servers had vulnerabilities with about 900 security holes. Many websites handling administrative procedures also had dozens of serious security holes.

When checking at 8 hospitals, preliminary results showed that the health sector's information systems had more than 2,000 security vulnerabilities. At some central hospitals, there was almost no investment in security.

These numbers explain the information incidents of hospitals in less than half a year: In November 2023, Cho Ray Hospital's website was hacked by hackers who installed malware and took control. In December 2023, An Giang Provincial General Hospital's data was encrypted. Most recently, in March 2024, the website for getting online medical examination numbers of Ho Chi Minh City Heart Hospital was attacked, causing the system to stop operating.

“The computers of staff and doctors are both connected to the Internet and access the internal network. The situation of backing up data, especially medical examination and treatment data, has not been given attention,” said Lieutenant Colonel Nguyen Duc Dung, Deputy Head of the National Information Network Security Protection Department (A05, Ministry of Public Security).

Many hospital information systems and databases were designed a long time ago and are not updated regularly, so they are not equipped with appropriate security. In addition, these units lack specialized staff in cyber security and lack investment funds to ensure information security. In the context of escalating ransomware attacks, if you become a victim, the operation and medical examination and treatment activities of medical facilities will be paralyzed. Not to mention that if patient information is stolen, this data can be sold online by hackers.

Therefore, the A05 representative recommends that, in addition to raising awareness, supplementing equipment and funding, medical facilities need to have a defensive mindset from the beginning. When building a system, it is necessary to immediately invest in solutions to ensure network security.

One issue that businesses are concerned about is where to start investing in cybersecurity and security and which components are reasonable. Answering this question, Mr. Ha The Phuong, General Director of CMC Cyber ​​Security, said: “Businesses need to determine the current risk status of the organization through international assessment frameworks, from which they can find investment directions to enhance the security of the system. Businesses need to apply appropriate security management standards and combine management processes to gradually overcome preventive weaknesses.”

Prepare response plan

Many businesses have also made specific preparations to respond, especially during the April 30 - May 1 holidays. Vietnam Post has increased monitoring, receiving and handling information security warnings through the National Cyber ​​Security Incident Coordination Platform (Irlab.vn) provided by the Ministry of Information and Communications. During the April 30 - May 1 holidays, Vietnam Post has instructed units on the network to review and implement information security plans; be on duty and monitor 24/7; at the same time, issue warnings and prevent the spread of bad and toxic information on information systems and platforms managed by Vietnam Post; Strengthen measures to back up data to quickly restore system operations in case of incidents...

MobiFone Telecommunications Corporation has also prepared technical solutions and enhanced network quality to ensure a stable and smooth network during the April 30 - May 1 holiday.

According to Ms. Le Hoang Yen, Chairwoman of the Board of Directors of Tatinta Joint Stock Company, the operator of Tatinta Travel Floor, from the initial design, the unit prioritized security work because it involved customer and partner data. From the recommendations of the management agency, the company has also increased monitoring and defense against cyber attacks.

Concerns about data security have also been urgently implemented by businesses and units in recent times. Mr. Vu Ngoc Son, Technical Director of National Cyber ​​Security Technology Joint Stock Company (NCS) - Head of Technology Research Department of National Cyber ​​Security Association said: “Investing in cyber security solutions has changed in awareness. Although capital sources have not been allocated yet, a series of businesses and units are having to review their processes and conduct monitoring. The new thinking now is to invest equally in prevention, monitoring and response, in a three-legged stool style. Vietnamese cyber security businesses meet 90% of cyber security solutions for systems that can be equipped for Vietnamese businesses. These products are manufactured by Vietnamese people, so they are highly flexible and suitable for the average income of Vietnamese people,” said Mr. Vu Ngoc Son.

“One thing to keep in mind is the behavior of the managing unit. The awareness of the leader is very important because he is the one who signs the contract and decides to invest. Without full awareness, the investment can easily be misdirected, spending money but the system still has loopholes. Moreover, if the managing unit receives a warning but does not follow it, the system can still be attacked,” commented Mr. Vu Ngoc Son.