Security unease for digital innovators

Security unease for digital innovators. Source: freepik.com

The National Cyber Security Center (NCSC) under the Ministry of Information and Communications (MIC) on February 24 warned state-owned agencies and enterprises, commercial banks, and financial institutions about possible network attacks via VMware’s software.

Several privacy flaws in VMware’s products vCenter, ESXi, and Cloud Foundation were announced by the software giant on February 23. These vulnerabilities could enable hackers to remotely execute codes, possibly causing serious damage to users.

According to the NCSC, hackers could attack VMware’s vCenter servers and gain control of the information system. Worse still, it is estimated that more than 6,700 systems are in the vCenter network, over 150 of which are in Vietnam.

Thang Pham Viet, Vietnam country manager of VMware, told VIR, “In line with VMware’s commitment to responsible disclosure, on February 23, we issued a public security advisory with a fix and workaround for a security issue that was privately reported to us. We informed our customers immediately of this and provided the relevant patch updates. This was done in order to help our customers stay safe.”

“Security is a top priority for us and as a matter of best practice, VMware always encourages all customers to apply the latest product updates, security patches and mitigations made available for their specific environment and deploy our products in a security hardened configuration,” he noted.

VMware last October announced new advancements to its intrinsic security portfolio, giving Vietnam’s organisations the capabilities to better secure their business. In a move to sharpen the focus on Asia’s emerging digital economies, VMware last June announced the appointment of Nitin Ahuja as the leader of Nascent and emerging markets.

Cybersecurity has been a hot topic for years and in the digital transformation era, it is becoming even hotter. The case of VMware could trigger public concerns over cybersecurity levels of products and services from other technology enterprises in Vietnam. Together with VMware, many other technology enterprises like Keysight Technologies, Amazon Web Services, Microsoft, and Huawei are expanding in and to Vietnam where Southeast Asia’s internet economy is expected to triple in size and hit $300 billion by 2025, with nascent economies leading the pack. As such, these companies have been rushing to introduce new products and services to businesses and agencies.

This has, however, also brought up problems related to cyberthreats. Meanwhile, businesses in Vietnam have been moving swiftly in digital innovation to respond, adapt, and accelerate their businesses during this period of economic uncertainty.

Vietnam expects that the Law on Cybersecurity 2018, which took effect from January 2019, can meet the needs to protect the national security and ensure social order and safety in cyberspace with several specific provisions on cybersecurity for IT systems of national importance; the prevention and handling of infringements upon cybersecurity; and responsibilities of related agencies, organisations, and individuals.

However, cyber threats are still happening, and according to VMware Carbon Black’s Global Threat Report, the global cyber threat landscape has escalated in the wake of COVID-19, with 91 per cent of global security professionals surveyed reporting that they had seen an increase in overall cyberattacks as a result of employees working from home.

A good 32 per cent of global respondents found very significant gaps in the visibility of cybersecurity threats, while more than a quarter (28 per cent) of those surveyed felt that there are severe and significant gaps in terms of enabling a remote workforce.

Vietnam is not an exception. According to the latest survey of Bkav Corporation, the leading firm in network security and software in Vietnam, computer viruses to Vietnamese systems in 2020 hit a new record in caused damage, surpassing the $1 billion mark.

In the first month of 2021, the NCSC said Vietnam saw 326 cyberattacks causing breakdowns in IT systems, up 3.49 per cent on-month and 15.19 per cent on-year.