Reading Time: 2 minutes
Vietnam Authority of Information Security, under the Information & Communications Ministry, has reported that 90 websites ending in “.gov.vn”, were hacked and linked to gambling advertisements. Statistics from Vietnam National Cyber Security Technology Corp. (NCS), reported that almost 170 websites ending in “.edu.vn”, were attacked to include harmful gambling links.
Search engines give priority to official websites of government agencies.
It is for this reason that people with bad intentions love to use the feature of a website which allows visitors to upload information (questions or comments, files, etc.) to spread negative advertisements.
The attackers even alter the interface of the website and use the security vulnerabilities to do so before moving on to other sites hosted on the same server.
When accessed through the Google search engine, an infected site with the suffix “.gov.vn”, can redirect users to a website that introduces them to gambling.
The same applies to those ending in “.edu.vn”.
The Information and Communications Ministry, since the end of 2020, has asked all ministries, state agencies and local authorities that have websites ending with “.gov.vn” to check for inappropriate content. The situation has not improved much.
Vu Ngoc son from NCS attributes the problem to outdated software whose vulnerabilities have not been fixed. The outdated operating system, which does not have its patches updated on time, is another factor.
Hackers can still attack the entire system if the vulnerabilities of one site have not been fixed.
It could get worse if harmful or distorted information about the sovereignty of island borders, Party guidelines and Government policies are widely distributed via infected sites.
If information security is not given enough attention by state agencies during the period of applying the digital transformation in Vietnam, there will be negative effects, which will severely hinder the completion process.
To fully address this problem, agencies of state must first improve the security level on their official websites and IT systems.
These organisations must regularly assess the information security of their website, particularly the option that allows visitors to submit information.