The Hanoi Department for Information and Communication has said that a lot of websites and electronic portals in Vietnam have existing information holes, because the security software cannot be updated regularly, or because the software products installed for different computers are not compatible.
The Hanoi Department for Information and Communication has said that a lot of websites and electronic portals in Vietnam have existing information holes, because the security software cannot be updated regularly, or because the software products installed for different computers are not compatible.
 |
Ngo Quang Huy from the Vietnam Computer Emergency Response Team VNCERT, said that mid 2011 was the peak of the attacks by hackers who targeted government agencies. A lot of websites reportedly had the control hijacked, or were exploited by hackers, and services were interrupted.
Spent much money, but websites still hacked
Also according to Duc, the majority of the security systems of agencies and enterprises have not got appropriate investment. The expenses to ensure security for a network needs to account for 5-20 percent of the total investment on the whole system.
According to the Hanoi Department for Information and Communication, more than 90 percent of state agencies have officials in charge of information and communication technology ICT, while 13.7 percent of them have ICT divisions. However, the figures still cannot help much in improving the security system, because most of the ICT officers lack management skills, lack necessary knowledge on network administration.
Meanwhile, other enterprises do not spend money on security solutions, because they still have not been aware of the importance of the network security. In general, only after being attacked, do the enterprises think about upgrading security solutions. They lock the stable door after the horse has bolted.
It usually happens that the computers of the same networks at the same companies use different security software products. As a result, a virus can penetrate into one of the computers and then infiltrate into other computers of the same networks and paralyze the whole system, even though computers all have installed anti-virus software.
A representative from IBM Vietnam said that sometimes a server has hundreds of websites, and once a website is hacked, other websites also have errors.
In fact, a lot of agencies and enterprises complain that they spend billions of dong on network security, but they remain weak in resisting the attacks of hackers. The problem here is that the agencies and enterprises do not carry out regular updating and assessment.
Most of the websites have been put into operation without the assessment and examination of the security capability. As a result, there exist the security holes which cannot be recognized by administrators, paving the way for hackers to attack.
“The continued attacks in 2011 showed the weak capability of the security software products used by state agencies and enterprises,” Duc said.
Agencies and enterprises urged to install new barriers
The Hanoi Department for Information and Communication has suggested that state agencies need to install new information security barriers to get ready to resist the attacks.
The department also said that the security policies for end users and the procedures for IT officers need to be checked and amended to become standardized.
Duc thinks that it is necessary to carry out an overall survey to find out the security capability of every website of state agencies and enterprises. The backward software need to be replaced, while the old but usable software should be upgraded in order to save money.
(Source: Tien phong)
