Professional Documents
Culture Documents
Vietnam
Vietnam
1
Mechanisms of Vietnam’s multidirectional foreign policy (Nicholas Chapman) (August 2017)
Vietnam cybersecurity in healthcare industry
A. Historical context
The expansion of ICTs and increased Internet penetration have raised
concerns about cybercrime (Symantec, 2018). The ability to defend
against cyber-attacks in Vietnam is still evaluated as weak, especially in
the event of persistent cyber-attacks (Ministry of Public security 2017)
The Vietnam Computer Emergency Response Team (VNCERT)
recorded over 200.000 cyberattacks from 2010 to 2018
July, 2021, the Government activated an information technology
platform to support vaccination with an electronic health book app. And,
to handle all situations related to technology solutions and ensure
network security, the Ministry of ICT has set up the national Technology
Centre for COVID-19 Prevention and Control with key members
available 24/7
Yeo Siang Tiong, general manager for Southeast Asia at cybersecurity
company Kaspersky, said: “The pandemic has showed the important role
of e-government and digital transformation in the health sector in
particular. Digitalization in healthcare is being implemented extensively
in Việt Nam and it is a welcome approach to help the nation and its
people in this difficult time.
B. Current situation
Vietnam’s digital economy has experienced remarkable growth,
projected to exceed US $43 billion by 2025, Vietnam, has
enthusiastically fostered the intergation of medical technology into
healthcare practices.
Still with a lack of strategy on health cybersecurity and weakened
regulatory oversight of the ICT sector, Vietnam will likely to face an
increase in cyber threats and sophisticated attacks.
In 2019, The Vietnam's Ministry of Health (MoH) approved an EMR
deployment plan, resulting in the initial deployment of EMRs in many
localities
Hospital management information systems have been implemented in all
hospitals across the country, and the interconnectivity with the
healthcare insurance payment verification system has reached an
impressive 99.5%. As of July 2023, over 40 health facilities have fully
replaced paper medical records with EMRs.
However, in 2020 iSofH - a Vietnamese company that provides
healthcare information management solutions has been found that one of
their cloud servers was left publicly exposed without encryption or
password protection. One could access 12 million patient records
through it, with no difficulties. The records included full names and
dates of birth, postal and email addresses, phone numbers, passport
details, credit card numbers, medical records, and recent test results and
diagnoses. Three days after the discovery, the channel was attacked by
the meow bot that deleted some information. The company did not take
it seriously, even though this data can be used for phishing campaigns,
identity theft, or more sophisticated attacks.
In Vietnam, the Vietnam National Cybersecurity Centre (NCSC)
recorded 1,383 cyberattacks in the first month of 2022, a steep increase
of 10,29% from December 2021
C. Past actions
In recent years, the Vietnam government had issued numerous
regulations in its effort to strengthen the local cybersecurity landscape,
including:
D. Bloc positions
E. Solutions
stakeholders, especially critical IT systems, should improve capacity while
strengthening coordination with specialized information security forces.
allocate resources and budgets for monitoring, supervision, and incident
response processes. (particularly to implement intrusion detection and
prevention systems such as NIST in Nigeria)
The authorities need to heighten public awareness about the importance of
cybersecurity through launching multimedia campaigns about general
information of cyberattack and publicizing the threats and damages of
cybercrimes.
Healthcare organizations provide security guidance to their staff and broaden
their cybersecurity-related knowledge
Authorities within healthcare sector can assess the efficiency of current
national policies and legislation to detect flaws and make necessary changes
so as to further facilitate them.
Analyze carefully cases of cybercrimes to develop multi-level incident
response frameworks regarding each region’s resources and infrastructure
(hence effectively preventing further damage.)
Maintain sustainable channels of communication about the secure usage and
control of cybernetworks in healthcare affairs among international partners
Report any incidents of cyber criminals happening in Member State’s
channels to the WHO to promotes timely identification of emerging threats,
quickly minimizing the impacts.
In Vietnam, the healthcare industry has suffered substantially from cyberattacks due to a
lack of a comprehensive stance on health cybersecurity and weakened regulatory
oversight of the ICT sector. The Vietnam National Cybersecurity Centre has recorded a
year-on-year increase in cases of cybercrimes. Still, in recent years, the governments have
issued numerous regulations and established the Vietnam Cybersecurity emergency
response teams/ Coordination center (VNCERT/CC) and the Third Draft of the
Cybersecurity Administrative Sanctions Decree (Draft CASD) to fortify its cybersecurity
framework and safeguard personal data