Director of the Cyber Security and Hi-tech Crime Prevention and Control Department (A05) under the Ministry of Public Security Nguyen Minh Chinh reported that the Public Security Ministry has recently detected hundreds of individuals and organizations carrying out illegal trades of sensitive personal data, with a total quantity of thousands of GB. These risks continue to pose challenges to protection efforts.
In 2023 alone, 16 such serious and sophisticated cases have been pinpointed, ranging from collecting and selling State secrets to private internal data.
Director Chinh attributed low awareness of Internet users to this infamous situation. Many cyberspace users publicly display their sensitive information on websites, reveal their data during trading activities, or adopt disproportional data protection methods, all of which result in easy data stealing.
The buying and selling of personal data are becoming increasingly common and open, with both raw data and processed personal data being traded. Many such activities remain unaddressed due to gaps in legal regulations. This issue goes beyond individual-to-individual transactions and involves professional companies and organizations who specialize in illegal collecting these data for exceptionally high profits via malware or cyberattacks.
Deputy Director of Technology Le Quang Ha in Viettel Cybersecurity Co. informed that in the first half of 2024, his company’s system recorded 46 cases of data leaks and sales, 13 million records sold, 12.3 GB of leaked source code, 10 data encryption attacks demanding ransom, and 56 organizations with signs of data encryption attacks. Additionally, there were 495,000 DDoS (distributed denial-of-service) attacks, 2,364 fraudulent domains, 7 Advanced Persistent Threat groups (APTs) detected, 17,648 new cybersecurity vulnerabilities discovered, and 2,139 IP addresses connected to fraudulent domains.
He stressed that these figures demonstrate a professional cyber extortion industry has emerged.
Experts participating in the conference all agreed that data governance in Vietnam still faces many shortcomings and limitations. Some organizations and businesses lack or have insufficient infrastructure to deploy core IT systems for data collection and management. Many databases are overlappingly collected and stored without a unified catalog of shared data, making it difficult to connect, share, and exploit data.
Meanwhile, data centers have inconsistent technical standards and specifications, and are not regularly inspected, maintained, or upgraded, which leads to security and system safety risks. Some organizations and businesses outsource IT infrastructure services, also posing cybersecurity risks due to the lack of effective data management and control on the company's infrastructure.
Head Vu Ngoc Son of the NCA's Department of Research, Consulting, Technology Development and International Cooperation emphasized the importance of data sharing in enhancing cybersecurity, having been done throughout the world. Sharing information is the best way for NCA members to get a comprehensive picture and stay updated on the latest cybersecurity intelligence so that they can proactively apply suitable data security measures.
Therefore, NCA is going to take the lead in developing a data sharing platform, aiming at connecting to and receiving data from the Ministry of Public Security, the Ministry of Information and Communications, the State Bank of Vietnam, as well as Vietnamese cybersecurity companies, international cybersecurity organizations, and independent cybersecurity experts.
The platform will enable the sharing of the latest attack indicators collected through investigated cases such as malware identification information, control server addresses, network characteristics, or server memory in case of a cyberattack. These useful information pieces are expected to help network administrators to quickly implement cybersecurity rules to detect and prevent attacks across the entire system, as well as scan and clean servers and workstations to detect whether they have been compromised or not.
“Statistics reveal that the average time for an organization to detect a data breach is over 200 days. Early detection not only allows organizations to quickly activate response scripts to minimize damage and shorten recovery time, but it also helps prevent further data leaks,” said Vu Ngoc Son.