A series of state agency websites have hidden links advertising gambling

The form of attack and insertion of malicious content into .gov.vn domain websites is showing signs of increasing again recently.
(Mic.gov.vn) – Preliminary results of a recent review by the Department of Information Security show that at least 90 websites are being exploited to install, post, redirect or link with inappropriate advertising content such as advertisements, reviews cards, gambling…

Recently, just searching by Google with keywords related to betting and gambling, with the option of gov.vn, users can easily see many pages with the .gov domain name extension. vn files of state agencies have been "hacked" and advertising links have been inserted.

Exchange with VietNamNet, Mr. Vu Ngoc Son, Technical Director of NCS Company, said that this is a fairly common form of attack in recent times in Vietnam. Hackers exploit vulnerabilities on websites, take over administration, change and edit the website's source code, thereby being able to post, link, and even redirect access to advertising and gambling content. Some systems due to poor configuration, from a vulnerability of one website, hackers gain administrative rights to the entire hosting server, thereby attacking other websites on the same server, so there are places where many websites are affected at the same time.

 

The representative of NCS Company also informed that in recent days, this information security business has received many requests for help from agencies and businesses regarding websites being attacked and gambling advertising codes inserted. , gamble. The danger is that these websites all use "https", certified "official" by state agencies and large businesses, but when clicking on the link, they redirect access to the organization's website. betting, online gambling.

The reality on the Information Security Department and the Ministry of Information and Communications has been grasped. Through the cyber security monitoring system, recently, this agency has continued to detect that Vietnam's public information systems still regularly face risks and cyber attack campaigns. Among them, some state agency websites are still being exploited to install, post, redirect or link to inappropriate content.

The results of the review by the Information Security Department in mid-March 2023 showed that, of about 14,000 websites, with more than 6,900 .gov.vn domain pages of state agencies, at least 90 websites were detected being exploited to install, post, redirect or link to inappropriate advertising content such as card and gambling advertising... Of these, there are 67 websites under the management of 30 provinces and cities and 23 websites. The website is under the management of 12 ministries and branches. This inappropriate content is also displayed right on Google search results.

Experts from the Information Security Department said that state agencies' websites being installed, posted, redirected or linked to inappropriate content is not a recent situation. Although the authorities have warned, the review and implementation of measures to prevent and handle has not received due attention.

“This incident will become very dangerous and serious if it is taken advantage of to post and spread malicious content, distorting the Party's sovereignty, policies, and State policies and laws.”, experts from the Information Security Department further noted.

To limit, prevent, and handle the above situation early, from mid-March 2023, the Information Security Department has issued a document requesting specialized IT and information security units of ministries and branches to The locality reviews all websites under its management to detect and remove inappropriate content, take measures to handle and prevent the situation from being installed, posted, redirected or linked to the website from recurring. associated with inappropriate content.

Units are also recommended to strengthen monitoring and prepare treatment plans when detecting signs of network installation, exploitation, or attack; At the same time, regularly monitor warning channels of authorities and large information security organizations to promptly detect cyber attack risks.

Emphasizing that if "official" links of state agencies' websites are used to spread or redirect to scams or steal information, it will be very dangerous because users can easily fall into traps, Company experts said. NCS recommends that administrators urgently review their entire website system.

In particular, administrators need to focus on reviewing source code pages, paying special attention to files that are newly created or have a different creation time from most other files in the same directory. At the same time, change the administrative password and database access password if you have a weak password. “In addition, administrators should perform an overall network security assessment for the system and deploy automatic monitoring solutions to detect unusual changes, thereby promptly handling them.", NCS experts proposed.

According to https://ictnews.vietnamnet.vn/

Related Posts

Whatever you need, we're here to help

Logistics solution

We meet the needs of customers of the supply chain.

Contact us

Our team of dedicated professionals is here for you.

Request a quote

Request an inland tariff quote from us.

Scroll to Top

Request a service quote