Only in June, more than 450 websites of agencies and enterprises in Vietnam was a foreign hacker attacks, including 68 domain names gov.vn.Hacker intrusion was hijacked and distorted information on the system (defacement) virus or steal data set ... This is the biggest attack ever on the website of Vietnam, with the frequency 4 times higher than normal.
According to research by security experts Bkav, most attacks in recent years comes from the very simple errors, hackers do not need qualifications can also perform intrusion. Methods we use are mainly based on fundamental errors like SQL Injection, the system does not apply a patch or weak administrator password.
The experts also stated Bkav, the occurrence of simple errors such as website because most of the government agencies, organizations and businesses will not be assessed independently of the level of security before operation. Network infrastructure and application platform of this website is not designed with the overall security solution.
Nguyen Minh Duc, director of network security analysis Bkav: "An underlying but very important to come from the IT engineers, team building website. Which they are not trained in programming secure (secure coding) since I was a student in the university. In fact, all universities offer majors in Vietnam are not subject to this program. In addition, most software companies do not supplement the knowledge of the safety team of engineers, programmers. Therefore, the application software in general and the particular website is used in government agencies and enterprises of Vietnam remain many gaps. "
Network security experts also recommended against attacks, it is essential to apply management system ISO 27001 information security. ISO process will force the website to be independent assessment of security before putting into operation, the infrastructure must be designed right from the overall construction. In addition, to protect the website system, anti theft data, the application of a total solution against viruses is crucial. When done all this, the new network can be guaranteed at the highest level. "In the long run, the core issue to be solved is the university must provide content security programming in the curriculum. Besides, Vietnam needs more training facilities depth network security, "Mr. German said.
0 comments:
Post a Comment