Vietnam’s information security index 11.5% higher than 2012 The 2013 information security index of Vietnam – VNISA Index 2013 – has been improved significantly, but high risks still exist. According to Dr. Vu Quoc Thanh, Deputy Chair of VNISA (Vietnam Information Security Association), the 2013 index is 37.5 percent, a considerable increase over the 2012’s index at 26 percent. However, it is far below the other countries in the region, including South Korea, at 62 percent. VNISA conducted a survey on 598 institutions and businesses with different business scales, from the ones with just five computers and the ones with thousands of computers and the turnover of trillions of dong every year. A report of BKAV, the leading Internet security firm in Vietnam, 2,203 websites run by the businesses and organizations in Vietnam were hacked in 2012, mostly through the holes on the systems. Meanwhile, 300 hacking cases occurred every month since the beginning of 2013. These are the figures reported by the websites’ administrators when the websites were suspended. The actual number of cases is believed to be much higher. According to Zone-H, a website specializing in counting the hacked websites all around the globe, in mid November 2013, there were 1,336 warnings for 710 website addresses among the domain names “gov.vn”. The figures show that the measures applied to ensure the information security for the systems with Internet connection very limited. In other words, state agencies are now in big danger of information security. The surveys have found that the majority of the attacks to state agencies’ websites aimed to access and make intervention to the systems, while they did not make destructive actions. Hackers left the signals showing their penetration. Most of the state agencies did not know that their websites were illegally accessed, if troubles did not occur. The website of the Dak Lak province Youth Union, for example, was hacked on November 12, 2013, while the home page was still in normal operation. On the same day, hackers left a message, informing about the attack to the website of the National Committee for International Economic Cooperation (NIEC). The 2013 White Book about Vietnam’s information technology pointed out that the average information security measure application level at state agencies is low, just 25.3 percent. Less than 20 percent of organizations can recognize the hacking and illegal entry and data destruction. Especially, the workforce in charge of information security remains very limited with only ½ of state agencies having information security officers. The worry about the information security is one of the reasons which explain why state agencies still keep hesitant to use e-documents. E-documents have been exchanged through different channels- via emails, the document management system, other specific information system, or electronic information portals. Electronic information portals are the tool that most of the ministries and branches use to deliver legal documents. However, security experts said that these are really the “portals” for illegal access, destruction and false information delivery. Pierre Noel from Microsoft said that in order to minimize the information security risks, Vietnamese organizations and businesses need to gather intelligence information. If they don’t know who operate in the cyberspace and which technologies in use, they won’t be able to ensure the security. Source: Buu Dien