Every Vietnamese should equip digital self-help skills to protect themselves and avoid the casual sharing of information online, local experts have said at the Vietnam Security Summit 2023.

Tran Dang Khoa, Deputy Director General of the Information Security Department under the Ministry of Information and Communications, made the recommendations, warning that lack of attention to personal data protection will eventually become a double-edged sword against users.

Delegates attend the event in Ho Chi Minh City on June 2. Photos: Le Hoang

Vietnamese citizens’ personal information is traded on a massive scale. The data is usually collected through distributing malware, server attacks, and exploiting vulnerabilities, as the Ministry of Public Security reports.  

Speaking at the event in Ho Chi Minh City on June 2, Major General Nguyen Van Giang, Deputy General Director of the Ministry of Public Security's Department of Cyber Security and High-Tech Crime Prevention, said that several cases involving thousands of gigabytes of data, including billions of records of personal information, have recently been prosecuted.

The data collected and traded includes users' personal information such as names, birth dates, ID numbers, addresses, phone numbers, or lists of employees, positions, and organizations.

Cybersecurity experts attending the event believed human error was the primary factor leading to recent data leaks.

Ho Trong Dat, Deputy Director of VNPT Cyber Immunity (VCI), cited statistics from Egress showing that 84% of serious data leaks in 2021 were caused by human error, such as employees not following security rules or employees who are dissatisfied with their company. Preventing data leaks is extremely difficult, Dat said.

Nguyen Xuan Nam, Director of the Strategy Department at Viettel Cyber Security (VCS), noted that in the first quarter of 2023, their system recorded ten major data leaks, including source code and customer data from technology companies, retailers, and major universities in Vietnam.

He added that threats from internal organizations are becoming more serious, with the risk from this group increasing by 71% in 2021 compared to the previous year.

Experts recommend that organizations and businesses recognize "people as the new firewall," better define the role of employees in potential data risks, and apply solutions, even policies and technologies, to minimize risks.

Tran Dang Khoa, Deputy Director General of the Authority of Information Security speaks at the event.

Khoa, from the Authority of Information Security, noted that the information and data security situation has recently become quite serious worldwide. Many organizations operate digital platforms with millions, even hundreds of millions, of users whose information has been compromised. Users are often harassed and scammed through emails, messages, or phone calls.

He said that Vietnam has sufficient legal regulations on personal information and data security, which serve as a basis for data protection work.

He recommended that individuals consider personal data and information as assets, some of which are valuable and must be carefully protected, and avoid casually sharing information with unauthorized third parties. The principle has not yet been fully applied, he said.