Cybersecurity and the problem of "rebirth"

Mr. Vu The Binh, Vice President and General Secretary of the Internet Association shared at the program.

Cyber ​​security challenges

Security Bootcamp is an event of the Information Security and Security Professionals Community in Vietnam, held annually since 2012. The mission of Security Bootcamp is to build and connect a team of information security professionals nationwide to share the latest knowledge and skills to create a forum on information security in Vietnam. Security Bootcamp 2025 Program took place in Hue for three days from September 12 to 14, with two main activities taking place in parallel including: Professional workshop and information security arena.

At the conference, speakers in the field of network security and safety shared and discussed new technology trends, challenges in network security, as well as shared practical experiences in ensuring network security. In particular, the speakers focused on sharing experiences in building AI Agents (artificial intelligence agents) to automate the organization's security testing process; introducing some optimal security models for businesses to enhance intrusion detection and security operations performance, network security investigation, investigation techniques... At the same time, affirming that in the new era, the ability to recover, adapt and break through is the core factor that helps each organization, business and the whole country stand firm against all cybersecurity threats.

Mr. Nguyen Duong Anh, Deputy Director of the Department of Science and Technology, shared: In the context of comprehensive digital transformation and the strong development of the digital economy , information security is not only a technical requirement but has become the foundation to ensure the stability and sustainable development of state agencies, enterprises and the whole society. A cyber security incident can disrupt operations, affecting the reputation and trust of the people. Therefore, improving the capacity to prevent, respond to and recover from incidents is of particular importance.

The forum is an opportunity to connect the community of information security experts, where knowledge, experience and practical solutions are shared. This is an opportunity for experts, officials, civil servants, public employees, agencies and businesses to meet, exchange knowledge, improve expertise, contribute to ensuring information security, promoting the development of the digital economy and building a modern digital government.

Mr. Vu Duc Hoang, a cybersecurity risk analyst at Viettel Cyber ​​Security, has analyzed new attack campaigns by the Lotus Blossom group (a targeted attack group that often focuses on cyber attacks on government agencies and large enterprises) and pointed out the main risks that cause cyber insecurity for organizations and enterprises.

Specifically, the risk of intrusion from VPN accounts (accounts that users create to access virtual private network services) being stolen when many organizations in Vietnam have expanded remote access after COVID-19 but have not strictly controlled VPN accounts. Taking advantage of the information technology management system to spread malware can control and use internal security and management tools to spread malware, bypassing conventional defense measures. Malware that can hide in the system for a long time can disable security software and hide in legitimate system folders.

Building regenerative capacity

To prevent and minimize the impact of APT Lotus Blossom, expert Vu Duc Hoang recommends: Organizations need to deploy specific and focused measures, focusing on preventing initial intrusion, controlling attack expansion, detecting abnormal activities and responding quickly. Prevent initial intrusion through strict control of remote access VPN accounts, reviewing and revoking unused VPN accounts, especially those with high access rights; prevent online fraud and malware from OTT platforms (digital content services); prevent attack expansion in the system by protecting the Active Directory system (a solution for managing and controlling access to network resources) from being exploited; detect and handle APT Lotus Blossom activities in the system; enhance the ability to respond quickly when attacked.

Engineers perform cybersecurity work

Within the framework of Security Bootcamp 2025, the Cyber ​​Security Arena is also held. This is a practical competition that helps experts improve their skills in handling network attack and defense situations. This arena is equipped with equipment, competition infrastructure, and exam questions for the teams to demonstrate their bravery, intelligence, and combat ability. Each team will be provided with a physical server and a private network system to deploy defense strategies and attack each other.

Each team consists of a maximum of 5 members, requiring a smooth coordination between skills such as penetration testing, vulnerability testing, auditing, security, reverse engineering; social engineering... Teams will also apply many platforms and solutions to exploit the opponent's weaknesses and protect the system.

Mr. Vu The Binh, Vice President and Secretary General of the Internet Association, affirmed that the theme of “Rebirth” in Security Bootcamp 2025 affirms that the resilience of the system against cyber attacks is becoming an important strategy in information security protection. The goal is to ensure that the system continues to operate and provide the desired results, despite cyber attacks, which applies to both software and hardware systems.

In a rapidly changing world where cyber attacks are becoming increasingly sophisticated and unpredictable, building resilience is no longer an option, but a necessity. Organizations and businesses need to invest in carefully developing a cyber security plan to ensure that digital assets are protected and secure; thereby allowing organizations and businesses to focus on their core professional tasks in the most effective way.