In Vietnam, as a State management agency in the field of network information security, the Department of Information Security (Ministry of Information and Communications) regularly reviews, evaluates, and detects security holes on systems. information systems of agencies, organizations, and businesses; There is a warning requiring units to patch errors and ensure information security for the system in accordance with legal regulations.
Discussion at the plenary session of the Vietnam Cyber Security Conference and Exhibition – Vietnam Security Summit 2024 with the theme ‘Security in the boom of artificial intelligence’, taking place at the end of May in Hanoi, The representative of the Ministry of Information and Communications requested agencies, organizations and businesses to focus on implementing 6 groups of solutions, including periodically hunting for threats to promptly detect signs of system intrusion.
With a system that has detected a serious security vulnerability, after fixing the vulnerability, units need to immediately carry out threat hunting to determine the possibility of previous intrusion. Check and update information security patches for important systems.
Domestic agencies, organizations and businesses are also recommended to regularly and continuously use information security support platforms developed and provided by the Ministry of Information and Communications, including: Incident handling coordination platform national network information security; Digital investigation support platform; Platform for managing and detecting and early warning of information security risks.
Agencies, organizations, and businesses are recommended to periodically hunt for threats to promptly detect signs of system intrusion. Illustration photo: Khanh Linh
In newly shared information, the Information Security Department said that the technical monitoring system of the National Cyber Security Monitoring Center – NCSC under the Department recorded 89,351 weaknesses in May 2024, Information security vulnerabilities exist in servers, workstations, and information systems of state agencies and organizations.
Also in May 2024, NCSC’s remote monitoring and scanning system discovered more than 1,600 vulnerabilities on 5,000 publicly open systems on the Internet. In particular, this unit’s technical system recorded 12 newly announced vulnerabilities, with a high level of serious impact, that can be used by hackers to attack and exploit the systems of agencies, organizations, including: CVE-2024-4671
“These are vulnerabilities that exist in popular products of many agencies, organizations and businesses. It is recommended that units perform a comprehensive check and review of the system to help determine whether their system uses products affected by vulnerabilities, and quickly take timely remedial measures. to protect information security. At the same time, continuously update information about new vulnerabilities and attack trends in cyberspace.”experts from the Information Security Department recommended.