The Ministry of Information and Communications of Vietnam stated that around 4,770 cyber-attacks were reported in the country in the first quarter of 2019. According to the Vietnam Computer Emergency Response Center (VNCERT), this number is more than half the figure for the whole of last year, which was 8,319 cyber-attacks. The center also stated that most of the attacks were reported against e-commerce, financial, and banking systems.
The most common infringements among the attacks were violations of information security policies (40 percent) and unauthorized information collection (39 percent). And, the other data violations included denial of service (8 percent), privilege escalation attacks (7 percent), and the spread and attack of malicious codes (6 percent), VN Express reported.
Nguyen Trong Duong, the director of VNCERT, stated that there were 124 cases related to on-site malicious code attacks, 2,245 interface breaches, and more than 1,000 websites that were attacked by phishing codes.
In January 2019, Vietnam lawmakers approved a new cybersecurity law that controls the Internet content and global tech companies operating in the country. The new cyber law, which came into effect on January 01, 2019, requires Facebook, Google, and other international tech firms to store local users’ data on local servers and set up offices in Vietnam.
The new law prohibits Internet users in Vietnam from spreading anti-government information and posting false information that could cause damage to the country. It also prevents the circulation of content that’s fake, slandering, or inciting violence.
In November 2018, the Vietnam government released a draft declaration on guidelines to implement the law to remediate the shortcomings in Vietnam’s legal corridors and ensure secure cyberspace. The draft recommended social media users to abide by the Constitution and legal regulations while voicing their opinion and discontent.
The Law also addresses the protection of human rights and civil rights, as well as protection of secrets of businesses, individuals and families. It also mandates domestic and foreign telecommunications service providers to keep personal information and accounts of users secured.