2021-03-13
On March 13, JICA project delivered equipment related to the DDoS attack mitigation system.
A DDoS attack (Distributed Denial of Service Attack) is a cyber-attack that degrades the performance of a network or server by sending a large amount of data to a certain attack target server and overloading it by concentrating access.
This attack causes the organization's internet services (e.g., government sites, e-commerce sites, etc.) to shut down as they are unable to process normal access.
The disruption of internet services can hinder government services and business activities.
According to a report by a security firm in 2019, DDoS attacks in Viet Nam accounted for 3.53% of the global total, ranking fifth after China, the United States, France, and Russia. In the Asia Pacific region, Viet Nam's DDoS attacks accounted for 9.52% of the total attacks, second only to China (followed by India and Indonesia.) In 2020, VPS Securities, a Vietnamese brokerage firm, suffered a DDoS attack that prevented some customers from logging in.
Several government agencies in Vietnam have systems in place to avoid this DDoS attack.
Our counterpart in the project, the Authority of Information Security of the Ministry of Information and Communications, also has one.
It triggers the detection of a DDoS attack and sends a large amount of packets to the path where the defense system is located. Within that path, the system intercepts the communication of the attack based on the characteristics of the packets, and returns it to the intended path through only the communication by normal access.
In order to augment this system, the project has procured IT equipment such as servers, displays, disks, and workstations. Currently, these equipment are being installed and configured, and when completed, they will improve the performance to avoid DDoS attacks.
In addition, in order to increase the effectiveness of these equipment operations, the project is providing the following training to strengthen the capacity of the operators and maintenance managers.
Certified Ethical Hacking (CEH): Understanding of cyberattack methods and attackers, including DDoS attacks
Linux Professional Institute Certification 1 (LPIC-1): In-depth understanding of Linux, the operating system for most servers, and application of commands
Professional VMware vSphere: Understanding of virtual machines
Certified SOC Analyst (CSA): Understanding of network monitoring and incident response procedures