Print options

November 14, 2013

Vietnam’s Digital Dreams Held Back by Malware 'Epidemic'

by Marianne Brown

Vietnam is planning to develop a vibrant digital economy in the next 10 years, but computer analysts say it still has a long way to go. Most of the software used in the country is pirated, computer users in the country are experiencing an ‘epidemic’ of malware attacks, and observers say the government is not doing enough to respond.

Vietnam’s information, communications and technology sector has grown rapidly over the last 10 years and the government has high hopes for its future, with plans to become a center for Information Technology, or " IT," outsourcing in the next decade.

But to capture its share of the knowledge economy, experts say more has to be done to address cyber security in Vietnam.

One major stumbling block is malicious software, known as malware, which is used to disrupt or damage computer operations, steal data or access private computer systems.

Vietnam is consistently among the top five distributors of spam and malware in the world, said Michael Mudd, Chair of Information Technology, Intellectual property and Telecommunications Committee at the American Chamber of Commerce.

He said Vietnam is facing a malware “epidemic,” mainly because of lack of awareness about the problem.

“In the countries that have been involved in IT for longer, they are more aware of anti-virus programs. Everywhere I go in Vietnam, I go in places and offices and stuff like this, and hardly any computer, apart from the very big ones, are protected by any anti-virus program at all,” he explained.

The issue of malware is a very reactive one, you do not do anything until it hits you, said Wahab Yusoff, Vice President of the South Asia region for global computer software company McAfee.

“I think awareness is increasing but I think there’s a sense of laissez faire, I’m not being affected, but awareness is increasing," Yusoff said. "Compared to Singapore it’s a much smaller country and community, it’s less in terms of awareness and maturity but it’s definitely on the rise.”

The use of pirated software is one of the main ways malware can access computers systems.

According to U.S.-based Business Software Alliance, around 81 percent of computers in Vietnam use pirated software. Mudd said infected computers could take up to 20 percent of available bandwidth, incurring substantial economic costs.

Compromised computers can be used to launch attacks on other computers.

Pham Hoang Mien is co-owner of events website Hanoi Grapevine.

Last week the site went offline for a day after being subject to a “distributed brute force attack”, which means a large number of compromised computers were automatically trying to log into the site. The purpose of attacks like these are often to obtain personal information.

Records indicate many of the computers involved in the attack were located within Vietnam.

“Clients keep calling and e-mailing to say ‘so, when is it going to be online, we put an ad there and now it’s gone so what’s going to happen next?’ Or some people messaged us to say ‘we are going to Hanoi this weekend, but I cannot access the site so what is going on, can you tell me?’ And I’m going ‘well, actually I’m just like you," Mien stated. "Without our site I also don’t know what’s going on in town.”

The economic implications can have a national impact, said McAfee’s Yusoff, because malware has the potential to disable national infrastructure. He gives the example of cash machines.

“We’ve heard so many stories in the past in Europe and the U.S. where ATMs are brought down and countries are made to suffer because ATMs are not available for two weeks. So issues like that which can actually bring a country’s economy down to its knees,”

Mudd said to tackle the problem, Vietnam does not need more “antivirus scientists with four-year degree programs,” but an army of IT 'plumbers' who can maintain computer systems properly and get rid of the preloaded malware coming in with the machines.

He says to achieve Vietnam’s IT dreams, education about cyber security should start early, even at school age, so people understand the value of investing in legitimate software and antivirus programs.