These websites all use https, which is certified by state agencies and large enterprises, but when users click on the link, they are redirected to the website of an online betting and gambling organization.

Expanding the research, NCS experts found that just by searching on Google with keywords related to betting and gambling, it is easy to see countless pages that have been hacked and have advertising links inserted. The common feature of this form of attack is that hackers will take advantage of vulnerabilities to take control of websites and servers, thereby inserting advertising links, even installing malicious code to access any content, all of which are redirected to gambling and betting websites.

Mr. Vu Ngoc Son, Technical Director of Vietnam National Cyber ​​Security Technology Company (NCS), said that administrative agencies need to urgently review their entire website system, focusing on reviewing source code pages, paying special attention to newly created files or files with different creation times compared to most other files in the same directory. In addition, it is necessary to change administrative passwords and database access passwords if they are using weak passwords. If possible, it is possible to conduct a comprehensive network security assessment for the system, and at the same time, deploy automatic monitoring solutions to detect unusual changes and handle them promptly.

Previously, according to the review results of the Department of Information Security, Ministry of Information and Communications in mid-March 2023, out of about 14,000 websites with more than 6,900 gov.vn domain names of state agencies, at least 90 websites were discovered to be being exploited to install, post, redirect or link to inappropriate advertising content such as advertising for card games, gambling... Of which, there were 67 websites under the management of 30 provinces and cities and 23 websites under the management of 12 ministries and branches. This inappropriate content was also displayed right on Google search results.

To limit, prevent and promptly handle the above situation, the Department of Information Security has issued a document requesting specialized information technology and information security units of ministries, branches and localities to review all websites under their management to detect and remove inappropriate content, take measures to handle and prevent the recurrence of websites being plugged, posted, redirected or linked to inappropriate content.