When the press is the target of cyberattack groups

The Department of Information Security (Ministry of Information and Communications) has recorded and handled 4,029 cyber attacks in Vietnam in the first 8 months of 2024. These figures reflect the urgency of ensuring network safety and security, and press agencies are no exception.

Meanwhile, currently in Vietnam, the vast majority of press agencies operate in the online environment, all operating electronic newspapers and electronic magazines. Therefore, electronic newspapers will be the target of cyber-attackers to sabotage the system, steal data, demand ransom, change the content and interface of electronic information pages/portals, etc. Except for a few press agencies with good technical infrastructure, proactive in operation, exploitation, control, and investment in security and information safety, the majority have to rent infrastructure, applications, and services. Most organizations do not have specialized personnel in information security, so issues of security and information safety are still huge challenges...

In addition, press agencies must simultaneously carry out two major responsibilities and missions: protecting themselves and their organizations from cyber attacks, network and media security risks, raising awareness of network security for the whole society, and contributing to building a safe, healthy, and widespread Vietnamese cyberspace.

Not only that, reporters and journalists working in the digital environment also face a lot of pressure and risks regarding information security during their work. Mr. Tran Quang Hung - Deputy Director of the Department of Information Security (Ministry of Information and Communications) said: The press and media play an important role in providing timely, accurate and reliable information.

However, journalists often face many challenges, from sensitive information leaks to cyber attacks. Reporters and journalists are also one of the targets of targeted cyber attack groups, spreading malware to collect, steal or eavesdrop on information, along with politicians and other celebrities... "More importantly, each journalist is also an ambassador, a person who conveys messages to the community. Therefore, protecting information security for journalists is very urgent, no less important than protecting information security for the press agency's system", Mr. Tran Quang Hung affirmed.

Another important aspect to consider is the huge amount of data that news organizations are currently processing, especially in the current trend of data journalism. In addition to content, news organizations collect and store a lot of user data, from preferences to personal and payment information. These incidents not only affect individuals but can also damage the reputation and credibility of news organizations.

Mr. Nguyen Thanh Hung - Chairman of the Vietnam Information Security Association affirmed: "Many press agencies with important information resources, including key national information agencies, can be targets of cyber attacks. Accordingly, the attacked objects can be information systems, or end users in the system such as leaders, managers, editors, reporters of press and media agencies...".

Need to be ready to respond

To help press agencies improve their "combat capacity" against cyber attacks, from a management perspective, the Ministry of Information and Communications has recently issued a document guiding 6 solutions for quick recovery after cyber attacks. It emphasizes the need for agencies to periodically perform offline data backups; deploy solutions to be ready to quickly restore information system operations when incidents occur, bringing information system operations back to normal within 24 hours or according to business requirements; organize the implementation of solutions, especially information security monitoring solutions, to prevent and promptly detect early risks of cyber attacks; separate and control access between network areas and convert and upgrade outdated applications, protocols, and connections that are no longer technically supported to the use of platforms and applications; Strengthen monitoring and management of important accounts and system administration accounts using 2-layer authentication solutions or privileged account management solutions; review, fix and prevent basic errors that lead to information system insecurity...

In this regard, Mr. Le Van Tuan - Director of the Department of Information Security (Ministry of Information and Communications), said that currently, the criminal world is increasingly using high technologies, such as AI, to carry out sophisticated, complex and very professional attacks when dividing each specific task into a person in charge of the attack, a person in charge of distribution... so to ensure information security, agencies and units must proactively respond to challenges. Accordingly, it is necessary to develop a comprehensive plan to proactively respond from monitoring, quick response, and recovery after incidents.

At the same time, it is necessary to strictly and fully implement the provisions of the law on information security, even when an incident occurs, so that the response is effective, especially applying the 6 key solutions that the Ministry of Information and Communications has proposed. Of course, prevention is equally important, so the leader of the Information Security Department also requires press agencies, organizations and businesses to apply the principle that unsafe systems should not be put into use, and software that has not been tested for safety should not be put into use... At the same time, it is necessary to carry out good practices, train the team regularly, and conduct periodic information security assessments in the network environment.

Sharing this view, from the practice of press agencies, Mr. Nguyen Doan Trong Hieu, Head of Technical - Technology Department of VietNamNet Newspaper, said that in order to be ready to respond to possible information security situations, press agencies, especially electronic newspapers, need to raise their vigilance and skills, regularly review and periodically check to avoid being exploited for security errors. Agencies and organizations also need to conduct training, strengthen and improve awareness and skills on information security for reporters, editors, technicians, along with establishing mandatory policies and procedures, strictly complying with information security as well as ensuring safe equipment for operational activities.

In particular, press agencies need to proactively develop plans and invest funds for information security systems, software copyrights, processes, technology, and improve human resource qualifications. Use information security services from professional units, or proactively invest in their own infrastructure, master technology, and not rely entirely on outsourcing units for information security and safety issues.

And more importantly, it is necessary for competent authorities in charge of information security management such as the Department of Information Security, NCSC Center, VNCERT, Information Security Association, enterprises, etc. to intervene, send experts to guide and help press agencies periodically inspect, give timely recommendations and warnings, or intervene to support when information security incidents occur...

Thus, the risks of insecurity are present and inevitable, the important thing is that the "involvement" of press agencies in responding and handling must be quick and timely. Therefore, press agencies need to promptly grasp the signs of being attacked from the beginning, then the handling time will be very fast and effective. The inspection, assessment and protection of systems and units need to "put emphasis" on monitoring and reviewing to detect early dangers and potential risks in the system, minimize damage and promptly have a response plan when being attacked by a network.

Ha Van