Review report of cybercrime-cybersecurity in Vietnam



Similar documents
Network Security in Vietnam and VNCERT. Network Security in Vietnam and VNCERT

Introduction: 1. Daily 360 Website Scanning for Malware

Bitrix Software Security. Powerful content management with advanced security features

What legal aspects are needed to address specific ICT related issues?

The Key to Secure Online Financial Transactions

CYBER SECURITY IN VIETNAM MULTI-CHAMBER MEETING - 22 OCTOBER 2015

Detailed Description about course module wise:

Cyber Security and Critical Information Infrastructure

Network Security and the Small Business

Course Content: Session 1. Ethics & Hacking

INFORMATION SECURITY REVIEW

Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Cross Site Scripting in Joomla Acajoom Component

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Tunisia s experience in building an ISAC. Haythem EL MIR Technical Manager NACS Head of the Incident Response Team cert-tcc

WEB ATTACKS AND COUNTERMEASURES

Attacks from the Inside

Cyber Security Trend - Annual Review 2012

Global IT Security Risks

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Security & SMEs. An Introduction by Jan Gessin. Introduction to the problem

Student Tech Security Training. ITS Security Office

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

National Endowment for the Arts Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement Exit Conference...

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

CYBERTRON NETWORK SOLUTIONS

Reducing Application Vulnerabilities by Security Engineering

IBM Security Strategy

Seven for 7: Best practices for implementing Windows 7

A progressive and integrated approach to protecting corporate networks

Cyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in

The Impact of Cybercrime on Business

Magento Security and Vulnerabilities. Roman Stepanov

Malicious Network Traffic Analysis

Online International Interdisciplinary Research Journal, {Bi-Monthly}, ISSN , Volume-III, Issue-IV, July-Aug 2013

Kaspersky Internet Security

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Global Corporate IT Security Risks: 2013

NetDefend Firewall UTM Services

Improving Web Application Security by Eliminating CWEs Weijie Chen, China INFSY 6891 Software Assurance Professor Dr. Maurice Dawson 15 December 2015

F-Secure Anti-Virus for Mac 2015

College Training Program

SiteLock SECURE Partner Program FAQ

Network Incident Report

Codes of Connection for Devices Connected to Newcastle University ICT Network

WEB APPLICATION FIREWALLS: DO WE NEED THEM?

Cybersecurity Health Check At A Glance

ensuring security the way how we do it

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and Advanced Persistent Threats

How To Perform An External Security Vulnerability Assessment Of An External Computer System

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Fast overview about the CERT-TCC. Helmi Rais CERT-TCC Team Manager

Country Case Study on Incident Management Capabilities CERT-TCC, Tunisia

F-Secure Anti-Virus for Mac. User's Guide

A Network Administrator s Guide to Web App Security

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Actions and Recommendations (A/R) Summary

Contemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited

Current counter-measures and responses by CERTs

How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)

RMAR Technologies Pvt. Ltd.

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

The McAfee SECURE TM Standard

Top tips for improved network security

Web Application Security Considerations

Table of Contents. Page 2/13

External Supplier Control Requirements

PCI Data Security Standard 3.0

The Top Web Application Attacks: Are you vulnerable?

Proven LANDesk Solutions

ReadySpace Limited Unit J, 16/F Reason Group Tower, Castle PeakRoad, Kwai Chung, N.T.

Common Cyber Threats. Common cyber threats include:

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

SECURE APPLICATION DEVELOPMENT CODING POLICY OCIO TABLE OF CONTENTS

Indian Computer Emergency Response Team (CERT-In) Annual Report (2010)

Realize Innovation of Cyber-Security with Big Data. Qi Xiangdong

Intrusion detection for web applications

The Information Security Problem

Penta Security 3rd Generation Web Application Firewall No Signature Required.

Conquering PCI DSS Compliance

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

NEW JERSEY STATE POLICE EXAMPLES OF CRIMINAL INTENT

Transcription:

Review report of cybercrime-cybersecurity in Vietnam I. INFORMATION SECURITY STATISTICS 1. INFORMATION SECURITY INFRASTRUCTURE 1.1. Information Security rules of organizations 1.2. Percentage of applying technical solutions for information security 1.3. Percentage of organizations that can detect network attacks

2. INFORMATION SECURITY MARKET 2.1. Percentage of applying anti-virus softwares 2.2. Percentage of applying firewall devices

2.3. Percentage of apply Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) 3. INFORMATION SECURITY WORKFORCE 3.1. Percentage of organizations that have employees in charge of informationsecurity

3.2. Percentage of organizations that have aplan of information security training 4. NATIONAL MASTER PLANS, STRATEGIES, PROGRAMS, PLANS, PROJECTS ONINFORMATION SECURITY ASSURANCE 4.1. Master plans, strategies, programs, plans - National master plan of development of digital information security to 2020 (Prime Minister s DecisionNo. 63/QD-TTG dated Jan 13, 2010). 4.2. Projects - Project Technical system center of national network security, implementing agency: Ministry ofinformation and Communications, implementation duration: 2010-2015 - Project Building the national system for information security evaluation and verification, agency:ministry of Information and Communications, implementation duration: 2010-2015 - Project Building the system of warning, detecting and preventing cyber crimes implementing agency:ministry of Public Security, implementation duration: 2011-2015 - Project Building the system of authentication and security of government information systems implementing agency: Government Cipher Commission, implementation duration: 2011-2015 - Project Training information security experts for government agencies and national keyinformation systems, implementing agency: Ministry of Information and Communications, implementationduration: 2010-2020

- Project Building a system of information security assurance in the operation of e-commerce transactionsfor the Trade and Industry sector, implementing agency: Ministry of Industry and Trade, implementationduration: 2010-2015 II. INFORMATION SECURITY RATIO 1. VNISA Index VNISA (Vietnam Information Security Association) Index was builded base on the fundamental components of information security: - Training, Awareness - Policy, Funding - HR Implementation - Technical Measurement - Manage Measurement According to VNISA survey, Vietnam Information Security Index (VNISA Index) in 2014 reached 39%. This ratio increased slightly compared to 2013 (37.5%), but still very low compared with South Korea (62% ). In state agencies, this indicator reached only 48.73%. Currently there are just only about 1/3 of the agencies and enterprises in Vietnam have set regulations for information security; 57% corporation had not or no investment funding for their information security program upgrading or constructing. There is 20% of agencies and businesses worries about tensions over the South China Sea in recent years will influence directly to Information Security of Vietnam when surveyed. 2. Spam and Phishing According to Kaspersky report, in the first quarter of 2015 Vietnam stand at 11 th place in countries most often targeted by mailshots. This is a significant effort by the agencies and organizations in Vietnam in blocking malicious email compared to 6 th place in 2013.

But in the other side, Vietnam stayed at 4 th place with 4.82%, followed the leaders of the rating in Countries that were sources of spam.

Kaspersky Cyberthread Real-Time map show that Vietnam stayed at 3 rd place in most attacked coutries III. GOVERNMENT CONCERN - In 2015, the institutional activities of State in information security is concerned than ever. - Information Security Law is being actively drafted, with widely contribution consulted in society - Along with another legal documents, this would be a legal framework to facilitate promoting activities in the field of Information Security - Sovereignty in cyberspace and conflict network resolution is being discussed and will be specified in the governing documents - Along with the implementation of training and building human resources in information security, incident rescue network initially be set at a national scale IV. INFORMATION SECURITY AWARENESS - Government approved Project of Engineers and Bachelor Training Course in Information Security

o The Prime Minister has decided to approve the project "Training and development of human resources security, information security to year 2020" o This project aims by 2020, bringing 300 faculty, researchers go abroad for training, including 100 doctors o Also aims to train 2,000 students with a university degree and postgraduate degree in Information Security at high quality o Short-term training to improve their knowledge and skills in information security for 10,000 staff who working in information technology (IT) in the state agencies - Press and Media agencies are widely promoted to people in when new security incidents or virus appears in Vietnam V. NOTABLE EVENTS 1. 30% Banking websites has vulnerabilities existed - According to the security statistics of BKAV in the first half of 2015; there are about 30% banking websites in Vietnam has vulnerabilities existed, 2/3 of them in dangerous levels and high average. - The most dangerous vulnerabilities that the banking website is facing with SQL Injection. The vulnerabilities XSS (Cross Site Scripting) and Open Redirection risk taking control of management or redirected to phishing sites 2. 220 website in Vietnam has been attacked by Chinese hacker Particularly in 2014, the Ministry of Public Security detected that nearly 6,000 pages was attacked, hijacked and edited the content (246 gov.vn websites). Especially, after the HD 981 rig placed illegally in exclusive economic zone in Vietnam, foreign hackers have attacked more than 700 sites and more than 400 pages in Vietnam on the National Day (2/9) to insert the distorted contents of Vietnam's sovereignty to the Paracel Islands 3. 85% of computers has virus infection via USB This rate has declined compared to the last year, but remain at high rate. BKAV experts said that the removing of the AutoRun feature for USB from Windows 7 and updated version of Windows XP has been significantly reducing virus. But in Vietnam, there are a relatively large of the number of computer with old version of Windows XP operating system installed, along with the arrival of the W32.UsbFakeDrive virus, it can be spread outbreaks with simple operation as disk opening. It makes USB remains a common viral infection.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information