Among them, there are 22 websites belonging to 12 ministries and branches and 31 websites belonging to 24 provinces and cities.
Inserted files with malicious content and inappropriate advertisements are planted by bad actors and inserted into government agency websites that appear in Google search results.
The form of attack, inserting malicious content into websites with the domain name .gov.vn is continuing to show signs of increasing again recently. Illustration photo
When the user clicks, the website will automatically redirect to display other content.
This will become dangerous and serious if the website is exploited to post and disseminate bad and toxic content, distorting the sovereignty , policies of the Party and policies and laws of the State.
In fact, this situation has been going on for a long time. As the state management agency in the field of network information security, since the end of 2022, the Ministry of Information and Communications has repeatedly warned about the situation of websites with the domain name “.gov.vn” being inserted and installed with inappropriate advertisements.
It is worth noting that when receiving warnings, agencies and units have handled the situation, but there are still cases where the handling is not accurate or thorough...
To fix this, units must remove files and posts containing malicious content, investigate the cause, and look for information security vulnerabilities leading to the above situation in order to thoroughly handle it.
In addition, units need to review source code and servers to remove malware and viruses that have been installed.
To address the situation of websites.gov.vn being exploited by bad actors to install and insert harmful content and inappropriate advertisements, the Department of Information Security has proactively monitored to promptly detect government agency websites being exploited to insert inappropriate advertising content; issued early warnings to units, and coordinated with specialized information security units to fix and handle the situation.
In addition, the Information Security Department regularly monitors and provides early warnings of risks and vulnerabilities in information security and periodically deploys campaigns to clean up malware in cyberspace.
Source
Comment (0)