[ISN] Internet security an issue for Vietnam

InfoSec News isn at c4i.org
Mon Nov 21 01:41:58 EST 2005


http://english.vietnamnet.vn/tech/2005/11/513109/

Viet Nam News
18/11/2005 

Global victims of hackers and computer viruses spent over US$100bil in
2004 to recover the financial losses caused by these modern forms of
pestilence, according to a computer security expert.

Furthermore, a new computer virus appears every seven seconds,
according to Nguyen The Dong, director of Athena Computer Emergency
Response Centre (CERC). He said that 97% of Vietnamese offices and
organisations were vulnerable to attacks.

"In Vietnam, there is a lack of security awareness among top
management at enterprises, and computer hacking remains the biggest
danger," said Dong at the "White Hat Hacker Convention," which was
held on Tuesday in HCM City to increase local awareness about
potential network security disturbances.

The convention was jointly held by the Sai Gon Computer Times, Athena
CERC and the Information and Communication Technologies Partnership
Club.

One difficulty facing, enterprises is in differentiating "white hat"  
hackers, who help IT managers find and repair their network's faults,
from "black hat" hackers, who use their computers to engage in illegal
activities and cause headaches for private individuals, companies and
organisations.

"There is a fine line between the two kinds of hackers. We would like
to ask hackers to keep in mind the harmful effects their games can
have on the community," Dong said.

Athena CERC carried out a survey on network and information security
among 415 enterprises in HCM City, Binh Duong and Dong Nai provinces.  
Of the participants, 28% were foreign-invested enterprises, 54% were
privately run and 18% were State-owned.

"Ninety-seven per cent of respondents said their networks had received
junk email, 91% had been infected by viruses and 97% felt their
networks were vulnerable to hackers," Dong said.

He went on to say that all the enterprises surveyed had their own IT
managers with a basic awareness of how to protect their information
and prevent attacks.

"However, most of the companies do not possess concrete or long-term
plans to protect their networks and are not prepared with professional
solutions in the event their networks are assaulted," he said.

"In addition, top management at most domestic enterprises have yet to
realise the gravity of the situation and so haven't paid enough
attention to or truly invested in information protection."

Network security expert Pham Trong Diem from Nam Truong Son, an
electronic security firm, said that in 2001, only 0.3% of emails
around the world were infected with a virus, but three years later,
the figure had reached 30%.

"Furthermore," he said, "the frequency of hacker attacks has been
increasing. There were 1,334 attacks in 1994, a number which soared to
137,529 recorded hacks in 2003.

That number will continue to rise."

At present, there are around 700 unofficial programmes used by hackers
to break into website and network systems.

"Businesses tend to use a defensive rather than an offensive approach,
which does not work," Diem said. "If IT managers wait until a virus
has already penetrated their network, it's far too late."

According to Dong, there is no one perfect security solution. It is a
long process, involving a detailed overview and investment.

"Anti-virus and anti-spyware programmes should be continuously
updated. IT managers have to keep themselves up-to-date on the latest
viruses and hacker activities," Diem advised.





More information about the ISN mailing list