Ministry of Information and Communications warns of the risk of cyber attacks using ransomware

On the evening of March 30, the Department of Information Security (Ministry of Information and Communications) said it had detected an increasing trend of cyber attacks, especially ransomware attacks.

A number of information systems of agencies, organizations and enterprises in Vietnam have been recorded to have been attacked, causing disruption of operations and material damage, damage to the image of agencies, organizations and enterprises, as well as activities to ensure national cyberspace security.

In the document recently sent to many agencies, departments, ministries, sectors, corporations, enterprises, financial institutions, banks... Deputy Director of the Department of Information Security Tran Dang Khoa requested that units review and immediately deploy a series of measures to ensure network information security.

From now until April 15, it is necessary to review and strengthen solutions to ensure network information security for information systems, prioritizing monitoring and early warning solutions.

Organizations must conduct inspections and assessments to ensure information security of information systems under their management. In case of detecting risks, vulnerabilities, and weaknesses, corrective measures must be immediately implemented, especially for information systems that store and process personal information and personal data.

Units are also required to develop a plan to implement and complete regulations on ensuring information system security by level, ensuring that 100% of operating systems must be approved for security level by September 2024 at the latest.

Faced with the increasing risk of cyber attacks, organizations must enhance the capacity of professional monitoring and protection layers and maintain continuous, stable connections and information sharing with the National Cyber ​​Security Monitoring Center under the Information Security Department.

Along with that is an incident response plan, a plan to periodically back up the system and important data to promptly restore when data is attacked by encryption. At the same time, update patches, review to promptly detect security holes and weaknesses that exist on the system...

In addition, organizations and businesses need to conduct periodic threat hunting to promptly detect signs of system intrusion. For systems that have detected serious security vulnerabilities, after fixing the vulnerability, it is necessary to immediately conduct threat hunting to determine the possibility of previous intrusion.