Cyber security of key information systems to be strengthened
04/04/2024 09:40 PM
The National Cyber Security Association predicted that in the coming time, ransomware-based cyberattacks by hacker groups who target key agencies, economic, financial and energy institutions will become increasingly complex.
According to the association, departments, ministries, sectors, localities, organisations and businesses across the country have recently promoted the application of technology in operations, production and business, greatly enhancing the value that technology adds to society and offering the best possible assistance to individuals and enterprises.
Illustrative image (internet)
However, these are also the main targets of domestic and foreign hacker groups who have carried out attacks on a far greater scale for a variety of purposes, according to the Department of Cyber Security and High-Tech Crime Prevention under the Ministry of Public Security.
Attackers target organisations and companies including information systems of electricity, banking, securities, payment intermediates, telecommunications, oil and gas, and healthcare.
In order to mitigate the implications of damage, the department has worked with the Authority of Information Safety under the Ministry of Information and Communications and other relevant agencies to urgently fix and soon bring the information systems back to normal operation.
The investigation’s findings demonstrated that the hackers’ tricks are extremely sophisticated and dangerous while the attack scenarios of hacker groups share a lot of similarities.
A system attack can halt all activities and transactions and make it more challenging to recover sensitive data that has fallen into the hands of hackers.
Data of these units plays an important and decisive role in the organisation's operations and must be protected with high availability.
The Counter Ransomware Initiative (CRI) initiated by the US has issued a common policy statement between countries, which calls on victims to refrain from paying ransom to hackers because doing so would set a hazardous precedent.
In spite of repeated warnings issued by the Department of Cyber Security and High-Tech Crime Prevention and relevant units, there remains limited awareness on the role and importance of ensuring cyber safety and security.
Response capacity and competence to manage and debug cyberattacks are still lacking. Technical flaws and security loopholes have resulted from the asynchronous development of numerous significant IT systems without regular testing, monitoring, or assessment.
While resources to maintain network security are still scarce, regulations pertaining to their enforcement have not been strictly adhered to.
Based on those facts, the National Cyber Security Association requested its association members, especially those managing important, large-scale and complex information systems, urgently review information systems under their management.
They must promptly exchange with competent agencies (Department of Cyber Security and High-Tech Crime Prevention - Ministry of Public Security; Authority of Information Safety under the Ministry of Information and Communications) to be provided with responding plans.
They must get in touch with the department if they discover cyberattack activity or cyber security incidents in order to coordinate an investigation, reaction, and system recovery.
Members of the association who excel in technology and network security are invited to join the department's cyber security network.
The association has also requested improved
VSS
Sickness
Work Injury and Occupational Disease
Survivor’s
Old-age
Maternity
Unemployment
Medical (Health Insurance)
Certificate of coverage
VSS - ISSA Guidelines on Social Security