The closing ceremony of the 2nd national combat exercise program in 2024 was recently organized by the Department of Information Security (Ministry of Information and Communications) in coordination with Vietnam Airlines.

Speaking at the event, Director of the Department of Information Security Le Van Tuan emphasized: Aviation security is an important, urgent and essential issue of the country.

Airport attacks are no longer rare, they can happen at any time; and the consequences of these attacks are unpredictable and beyond anyone's control.

"Therefore, conducting combat exercises in the aviation field is a necessary, urgent and must-do activity," said Mr. Le Van Tuan.

According to a representative of the Vietnam Cyber ​​Emergency Response Center - VNCERT/CC under the Ministry of Information and Communications, Vietnam Airlines is the first airline to conduct a national combat exercise.

The 2nd national combat exercise in 2024 divided the participating personnel into 2 groups: attack and defense. In which, the defense team consists of experts from the Information Security Center under the IT Department of Vietnam Airlines, the attack teams consist of experts from 8 organizations and enterprises: Cyber ​​​​Warfare Command, CYSEEX Information Security Alliance, FPT Telecom, Bkav, CyRadar, Vietcombank, Giao Hang Tiet Kiem, SSI.

Through the process of practicing real combat on operating systems, during 5 days from 9:00 a.m. on September 23 to 5:00 p.m. on September 27, the staff responsible for protecting Vietnam Airlines' information systems gained more experience and skills to be more proactive in defense activities, ready to respond and handle when encountering cyber attacks in reality.

During the closing ceremony, in addition to awarding certificates to participating units, the Organizing Committee evaluated and classified the attack teams. As a result, the three excellent attack teams were awarded the first, second and third prizes of the program, respectively, FPT Telecom, the Cyber ​​​​Warfare Command and the CYSEEX Alliance.

Informing VietNamNet , Deputy Director of VNCERT/CC Le Cong Phu said that the combat exercise was promoted by the Ministry of Information and Communications, directly by the Department of Information Security, to be implemented from 2022.

After two years, this form of exercise is no longer strange to many agencies, organizations and businesses in Vietnam.

“The participating teams no longer follow the steps, exercises and solutions as instructed before, but the exercise focuses on practical elements. In particular, the defense team does not need to prepare in advance for the actual exercise, because this is also their daily work. The purpose of the actual exercise is to evaluate, improve and enhance the defense capacity of the incident response team of agencies and units,” Mr. Le Cong Phu shared.

According to the analysis of the VNCERT/CC representative, with the real-life exercise, many resources are mobilized, many units participate in parallel assessment, not only in terms of systems and services, but also in terms of the defense team's ability to monitor, detect, prevent and respond to incidents.

Therefore, evaluation through real-life exercises is practical, clearly revealing weaknesses and factors that need to be improved in the system as well as the defense unit; thereby helping the unit to quickly overcome and avoid future attacks.

“A real-life exercise is like a vaccine, a real attack, but controlled, helping the immune system - here the defense team - to practice in advance, thereby protecting the organization, system, and service,” said the representative of VNCERT/CC.

Statistics show that last year, combat exercises attracted over 2,400 experts to attack 80 target systems, including 2 public service systems and 38 level 3 information systems.

Of the 80 agencies and units that conducted the 2023 drill, there were 11 ministries, 52 localities and 17 units. Through the drill, more than 600 security vulnerabilities in the systems of the units were discovered.

In addition, the Department of Information Security also accompanies and sponsors the CYSEEX alliance to organize practical exercises for members who are enterprises operating in the IT field, once a month.

Vietnam participates in international exercise on responding to cyber attacks using AI. The ACID 2024 international exercise with the theme 'Proactively responding to the increase in cyber attacks using AI', has the participation of technical staff from 10 ASEAN countries and 5 dialogue countries.