 |
Director of BKIS, Nguyen Tu Quang |
“In 2006, the issue of cybercrime will be brought under control. We are cooperating with investigative agencies to bring some offenders in this field to justice as a warning“, affirmed the Director of the Cybersecurity Center at Hanoi University of Science and Technology in an interview with VnExpress.
– What is your overall assessment of the virus situation over the past year?
It has been a busy year for BKIS, dealing with nearly three times the number of viruses compared to last year, totaling 232 new viruses. Internet worms and spyware made in Vietnam have started to emerge. Five to six years ago, computer viruses originating from Vietnam were also common, but those were created using traditional technologies dating back 20 years.
– Many current worms spread through email attachments written in English, which may explain why they attract little attention domestically. Could this be why there are not many large-scale virus infections in Vietnam?
Many users still fall victim to such scams. However, this year’s viruses have not focused on data destruction, so they haven’t drawn significant attention, even though they may be spreading widely and causing damage. Our investigation indicates that up to 94% of computers in Vietnam have been infected with computer viruses this year, a decrease from last year’s 97%.
– Why are destructive viruses not as prevalent anymore?
This is fortunate but concerning because it might lead people to let their guard down, thinking they can live peacefully with viruses. In reality, just a moment of change in intent from the virus creator, by altering the code from 0 to 1, could turn a non-destructive virus into a “killer.”
There are two main reasons for this trend. First, viruses today spread incredibly fast. Within hours, they can infect millions of computers worldwide. If they were to destroy data everywhere, the consequences would be severe, and the responsibility of the creator would be immense, often beyond their comprehension. This forces them to think carefully about whether to “switch from 0 to 1.” However, we remain concerned that this might still happen with professional criminals.
Second, previously, viruses had to spread quietly and could take a year to propagate across an entire country. Thus, there were limited opportunities for them to “show themselves.” The most attention-grabbing tactic was to destroy data en masse on a predetermined date. Now, viruses spread so quickly that they can already “make their mark.” This reflects the psychology of those who write viruses.
Although not destructive, some viruses this year have secretly stolen personal information from infected computers. This can sometimes be worse than complete data loss.
– There has been no notable virus outbreak caused by domestic hackers. Does this mean Vietnamese hackers lack skills, are inherently benign, or has no one discovered them yet?
This is due to the lack of skill among hackers in Vietnam. In fact, there have been virtually no viruses originating from Vietnam in the past three years. They only began to appear towards the end of 2005. While this is encouraging, I believe it also reflects the still-weak foundational IT skills in Vietnam.
– Cybersecurity was quite heated last year with Turkish hackers defacing government websites and many commercial sites suffering from denial-of-service attacks. What are your comments on this?
I see several issues to address. The domestic networks have not received adequate attention regarding security, and the construction and implementation of laws to combat cybercrime have not been effective. It is entirely possible to identify the denial-of-service attackers in the incidents from late last year, and in fact, we have already found such individuals. However, dealing with them is another issue due to the insufficient legal framework. In 2006, we will work with security agencies to handle a few cases as a warning. This will help us determine how to supplement the legal framework.
Another issue is that in IT investment projects, cybersecurity must be given proper attention. I use the term “proper” because currently, these projects mention and allocate investment for cybersecurity, but it is not done correctly. They require professional consultation in this area. In 2005, BKIS provided this consulting service to several major government agencies, and we saw significant improvements in security.
– Does BKIS currently have software to handle spyware and adware?
In the last months of this year, we began testing technology for handling spyware and adware. Feedback from participants in the trial has been very positive. We plan to officially launch this technology in the Bkav2006 Pro version released in January 2006. With this version, the problems of spyware and adware will certainly be addressed more effectively. In fact, handling these issues is not as daunting as dealing with computer viruses. Additionally, next year we will continue to release anti-spam software.
– VnExpress has received many reader comments stating they use BKAV software and regularly update it but still cannot eliminate common spyware like CoolSearch. How do you explain the current effectiveness of BKAV?
As mentioned, the technology for handling spyware has only been tested by us and will be officially launched with Bkav2006 Pro in January 2006, so this is understandable. I assure you that with what we are about to announce, handling these issues will be much simpler. If anyone notices spyware or adware issues, please report them to us for handling and updating the detection patterns.
– In your opinion, can the security community take proactive measures to combat these issues?
As someone who has worked deeply and for a long time in this field, I believe this is still merely a dream because it cannot transcend the laws of life. This is fundamentally a battle between humans. Computers or software are merely tools, and good will always triumph. We have yet to encounter a computer virus that we cannot handle, though we cannot avoid all damages; that is simply life.
– What predictions do you have for the virus situation and cybersecurity in Vietnam in 2006?
2006 will certainly be as dynamic as this year, with new computer worms appearing weekly. Viruses and spyware originating in Vietnam, as well as attacks by domestic hackers, will increase. The issue of spam will be frequently mentioned. It is possible that for the first time, individuals may face legal consequences for such actions.
Nguyen Hang conducted this interview
