To solve the problem of network security, depending on the situation and needs, banks should take measures to build, deploy or invest heavily in security.
“Risk sharing and early warning of information security risks”, which was the theme of the Conference CIO | CSO Cyber Security 2020 just held on the morning of October 16.
The seminar CIO | CSO Cyber Security 2020 is a forum that provides an overall picture of strategy development, proposal of crisis handling procedures, hazard identification and solutions, and experience in building systems. information safety and security prevention system in the financial and banking industry.
|The seminar CIO | CSO Cyber Security 2020 was held on the morning of October 16.|
Right before the pandemic broke out, many businesses and organizations in the financial and banking industry in Vietnam have actively entered the digital transformation stage, providing digital payment services as well as many other services. number platform. In particular, the payment for public services has been promoted through integration with the National Public Service Portal, and the Public Service Portal of ministries, branches and localities.
However, along with that, the number of incidents of insecurity and information security has also increased. Consecutive insecurity and information security incidents of the financial and banking industries have occurred recently, the latest is the incident where hackers took advantage of the OTP vulnerability to steal more than 400 million VND from customers only. in 7 minutes.
According to the Center for Monitoring and Reaction on Cyberspace (Viettel Cyber Security Company – VSC), in the first 8 months of 2020, more than 3 million cyber attacks were detected on financial and banking systems. IT goods and networks in some provinces and cities nationwide.
It is noteworthy that the financial and banking systems account for 90% of the number of warnings and warnings coming from the IT systems of provinces, accounting for 10%.
|The financial and banking systems account for 90% of the total 3 million warnings about cyberattacks, this number is overwhelming compared with the number of alerts accounting for 10% from the IT systems of provinces.|
Three types of cyber attacks that the financial and banking systems have to face the most are web mining (accounting for 77.58%), malicious code (12.05%), and exhausting (3.92%). Other types of attacks such as denial of service, attacks targeting mobile devices total 6.45%.
Commenting on this issue, experts all agree that there are two types of permanent risks facing the Vietnamese banking and finance sectors.
Firstly, there are threats that directly affect banks, including targeted attack campaigns, ransomware distribution campaigns, ransomware, data offerings and denial of translation attacks. service.
|According to Internet security specialist Nguyen Son Hai, depending on the situation and needs, banks should take measures to build, deploy or invest heavily in security through outsourcing.|
In addition, there is a second danger, that is the risk that directly affects users such as web fraud, social networks, text messages or voice calls. These risks all lead to the loss of the reputation, brand, and assets of the banking organization and customers.
The tactics and techniques of intentional attack campaigns vary widely, but the number of attack groups is finite. If the organization can solve the problem of Mean time to Detect (MTTD) and the response time (Mean time to Respond (MTTR)), security will no longer be a difficult problem in any form. Let’s attack.
Therefore, to solve the problem of network security, depending on the situation and needs, banks can build, deploy or hire information security solutions and services by themselves. Not only hedging risks for their own systems, the fact that all units in the industry increase their investment in security will bring a resonance benefit in helping organizations and banks prevent risk of attack from cyber criminals.