Vietnam lost more than half a billion US dollars due to cyber attacks in 2017

Sharing information at the National Security Conference and Exhibition (Security World) held on April 5, Lieutenant General Hoang Phuoc Thuan, Director of the Department of Cyber ​​Security, Ministry of Public Security, said that in 2017, Vietnam had to face 3 major information security and safety issues, of which the most notable was a series of large-scale, high-intensity cyber attacks targeting key sectors as well as important national projects.

The vast majority of these attacks take place through physical transmission infrastructure such as international transmission lines, national internal transmission lines and core service infrastructure. Moreover, most attacks are no longer spontaneous and isolated but have become large-scale, systematic campaigns. In addition, according to Mr. Nguyen Trong Duong - Director of the National Computer Emergency Response Center (VNCERT), the situation of malware infection has also become worrying. Malware is increasingly sophisticated and complex, especially multi-purpose malware that encrypts data, extorts money and steals data.

A typical example is the Wannacry code, in mid-2017, the Wannacry malware attacked nearly 250 Vietnamese enterprises, causing a lot of damage. Mr. Nguyen Thanh Hai - Director of the Department of Information Security, Ministry of Information and Communications, commented that cyber attacks tend to focus on vulnerabilities and weaknesses of IoT devices, typically surveillance cameras, which will cause many difficulties for the government, especially when implementing e-government or smart city projects.

According to Mr. Nguyen Thanh Hai, 2017 had some notable highlights: the level of concern for information safety and security of organizations, businesses, from the government to the people has been raised. Secondly, the legal corridor system for ensuring information safety and security has been relatively complete.

At the Cybersecurity: Who’s in Control? conference organized by RMIT Vietnam this week, Head of the School of Business and Management, RMIT University Vietnam, Associate Professor Mathews Nkhoma also said that the rapid development of network connectivity as well as the dizzying pace of digital transformation make Asia, especially Vietnam, vulnerable to cyber attacks.

According to the 2017 Asia Pacific Cyber ​​Risk Report by Marsh & McLennan, organizations and businesses in Asia take 1.7 times longer than elsewhere in the world to detect an attack, and 78 percent of Internet users in Asia have no cybersecurity training, he said.

He stressed that Vietnam was among the top ten countries most vulnerable to cyber attacks from 2015 to 2017. In 2017 alone, Vietnam lost US$542.8 million due to cyber attacks.

Cyber ​​security resources are in short supply.

Professor Matthew Warren, Deputy Director of the Cyber ​​Security Research Centre at Deakin University, added that strong cyber security is fundamental to a nation's growth and prosperity in the global economy, and is important for national security.

“Global security risks and vulnerabilities now affect every organization and their customers. The complexity of cybersecurity makes it harder for organizations to understand the risks and therefore control cybersecurity,” said Professor Warren.

He also highlighted the link between human capital and the complexity of maintaining security. From a cybersecurity perspective, human capital can fail due to lack of experience, inadequate training, and false assumptions. Therefore, investing in developing cyber skills, as well as recruiting and retaining cybersecurity staff, is of utmost importance to organizations.

“There is currently a shortage of one million cybersecurity professionals globally,” the professor said, adding that the number is expected to rise to 1.5 million by 2019.

On the skills required of future cybersecurity professionals, Professor Warren said they will need technical expertise to operate critical security technologies, organizational skills to navigate policy and risk, human skills to work with others, and soft skills to communicate.