Data security during the April 30th - May 1st holiday.

Resources are ready.

Following recent cyberattacks, the Prime Minister issued a directive on enhancing information security. “Ministries, agencies, localities, businesses, and units must thoroughly understand this directive. The Information Security Department must immediately issue guidelines for implementation, paying particular attention to system resilience and recovery capabilities, as attacks are unavoidable; recovery is crucial. Therefore, investments in digital transformation and information technology must always include cybersecurity configurations, with a minimum cost of 10%,” Minister of Information and Communications Nguyen Manh Hung immediately instructed.

The Minister requested the Cybersecurity Department to quickly invest in upgrading the system for the National Cybersecurity Monitoring Center to be up-to-date, modern, and equipped with the latest technology, serving as a national model system. The Center has two important functions: monitoring information in cyberspace, protecting the regime, and monitoring cyberattacks, providing support when attacked, and defending the Fatherland in cyberspace.

Binh Phuoc Security Operations Center (SOC). Photo: Ministry of Information and Communications.

According to cybersecurity experts, hackers often attack at the most unexpected and least noticeable times. Therefore, the risk of attack is quite high during the April 30th - May 1st holiday period. Consequently, the Ministry of Information and Communications has requested that agencies, organizations, and businesses strengthen their efforts to ensure cybersecurity for the information systems under their management.

Specifically, agencies, organizations, and businesses need to strengthen and prioritize resources and personnel for 24/7 on-call and monitoring; proactively and continuously monitor centralized information security monitoring systems and centralized malware prevention systems to ensure timely detection, handling, and remediation of cyberattack incidents and verified malware alerts.

Units regularly monitor, receive, and process cybersecurity alerts through the National Cybersecurity Incident Response Coordination Platform - IRlab.vn provided by the Ministry. In addition, agencies, organizations, and businesses must be prepared to implement plans to respond to and handle cyberattack incidents and quickly restore normal information system operations in the event of an incident.

Specifically for telecommunications and Internet service providers, and organizations and businesses providing digital infrastructure and platforms, during major holidays, they must increase their workforce, assign personnel to monitor, support, and resolve issues to ensure the safety and smooth operation of telecommunications and Internet infrastructure.

Quick review

Recently, the Cyber ​​Security and High-Tech Crime Prevention Department (A05, Ministry of Public Security ) and the Ministry of Health conducted inspections and assessments of units within the healthcare sector. The results revealed that 13 servers had vulnerabilities with approximately 900 security flaws. Many websites handling administrative procedures also had dozens of serious security vulnerabilities.

Preliminary inspections at eight hospitals revealed over 2,000 security vulnerabilities in healthcare information systems. At some central-level hospitals, there was virtually no investment in security.

These figures explain the information security incidents at hospitals in less than six months: In November 2023, the Cho Ray Hospital website was attacked by hackers who installed malware and took control. In December 2023, data from the An Giang Provincial Central General Hospital was encrypted. Most recently, in March 2024, the online appointment booking website of the Ho Chi Minh City Heart Hospital was attacked, disrupting the system's operation.

"The computers of officials and doctors are connected to both the Internet and the internal network. The backup of data, especially medical examination and treatment data, has not been given sufficient attention," said Lieutenant Colonel Nguyen Duc Dung, Deputy Head of the National Information Network Security Protection Department (A05, Ministry of Public Security).

Many hospital information systems and databases are outdated and not regularly updated, lacking adequate security measures. Furthermore, these facilities lack dedicated cybersecurity personnel and sufficient funding for information security. In the context of escalating ransomware attacks, becoming a victim would almost certainly paralyze the operational and medical services of these facilities. This is not to mention the possibility that if patient information is stolen, hackers could sell it online.

Therefore, A05 representatives recommend that, in addition to raising awareness and supplementing equipment and funding, healthcare facilities need to have a defensive mindset from the outset. When building the system, immediate investment in solutions to ensure cybersecurity is necessary.

One concern for businesses is where to start investing in cybersecurity and which components are most appropriate. Addressing this issue, Mr. Ha The Phuong, General Director of CMC Cyber ​​Security, stated: “Businesses need to identify the current risk status of their organization through international assessment frameworks, and then develop investment strategies to enhance the information security of their systems. Businesses need to apply appropriate information security management standards and combine management processes to gradually address and prevent weaknesses.”

Prepare response plans.

Many businesses have also made specific preparations to respond, especially during the April 30th - May 1st holiday. Vietnam Post has strengthened monitoring, receiving, and processing information security alerts through the National Network Information Security Incident Response Coordination Platform (Irlab.vn) provided by the Ministry of Information and Communications. During the April 30th - May 1st holiday, Vietnam Post instructed its network units to review and implement information security measures; maintain 24/7 on-call and monitoring; and issue warnings to prevent the spread of harmful and malicious information on information systems and platforms managed by Vietnam Post; and strengthen data backup measures to quickly restore system operations in case of incidents…

Meanwhile, MobiFone Telecommunications Corporation has also prepared technical plans and enhanced network quality to ensure a stable and smooth network during the April 30th - May 1st holiday.

According to Ms. Le Hoang Yen, Chairwoman of the Board of Directors of Tatinta Joint Stock Company, the operator of the Tatinta Tourism Platform, from the initial design, the company prioritized security because it involves customer and partner data. Following recommendations from regulatory agencies, the company has also strengthened monitoring and defenses against cyberattacks.

Concerns about data security have also been urgently addressed by businesses and organizations recently. Mr. Vu Ngoc Son, Technical Director of the National Cyber ​​Security Technology Joint Stock Company (NCS) and Head of the Technology Research Committee of the National Cyber ​​Security Association, stated: “Investing in cybersecurity solutions has seen a shift in perception. Although immediate funding is not yet available, a number of businesses and organizations are reviewing their processes and implementing monitoring. The new mindset now is to invest equally in prevention, monitoring, and response, following a three-pronged approach. Vietnamese cybersecurity companies provide 90% of the cybersecurity solutions that can be equipped for Vietnamese businesses. These products are manufactured by Vietnamese people, so they are highly flexible and suitable for the average income of Vietnamese people,” Mr. Vu Ngoc Son said.

“One point to consider is the behavior of the managing unit. The awareness of the head of the unit is crucial because they are the ones who sign the contract and make investment decisions. Without full awareness, the investment can easily go astray, money is spent but the system still has vulnerabilities. Furthermore, if the managing agency receives warnings from the supervisory unit but does not act accordingly, the system can still be attacked,” Mr. Vu Ngoc Son commented.