Depending on the financial situation of individual companies that choose different approaches to establish the safety system for the website (website).

Lucrative prey

A recent study by security firm McAfee reports the website domain name. Vn of Vietnam is becoming a lucrative prey for cybercriminals. According to McAfee's survey, about 58% of websites use the domain name. Vn containing code entry, causing risk to visitors.

Need a network security solution uniform, overall

The survey noted Vietnam became "destination" for high-tech crime in 2010, since 2009 the only domain of Vietnam ranks 39 on the charts global threat. In 2010, the domain name of Vietnam ranked third in the McAfee survey on risk level (29.4%), just behind the commercial domain. Com (31.3%) and. info (30.7%) and leading risk level in the national domain name system.

Explain the process of increase in the breaking operation, the director of security research at McAfee Labs, Paula Greve, said: "Cyber ​​criminals target the areas where the cost of registration website cheap and comfortable, as well as less risk of detection. A domain name year safety can become dangerous in the following year. "

According to the survey, about 15,000 out of 24,000 sites use the. Vn be criminal control and exploitation. Many top domain name. Vn is used as the address to turn to the page or active network intruders with the automatic control system of specialized computer-controlled intrusion.

Synchronous solutions

According to experts, network security, network security issues need a uniform solution, overall from technology to people. Technology, right from the construction site there are two issues to consider is the source code (source code) and where to store website (hosting).

Source problem for newspapers now have two approaches, either buy a package of content management software firms like Microsoft, IBM ... or hiring web design companies writing code.

With Microsoft SharePoint Server, IBM Lotus Note. With the package of the "giants", users will get maximum support issues, and security upgrades because this is in the range of global companies. Along with this support, the cost is always relative to pay royalties calculated for each year. We now have several pages of the network using SharePoint Server technology of "extended" Microsoft as Thanh Nien Newspaper, Women's City.

Meanwhile, if the company goes towards hiring programmers to write separate code should absolutely pay attention not to use the source code of unknown origin as open source, free source code, source code trial .. . With this type of source, they are usually set to "back door" to abuse when the bad guys used to use.

Because of these factors should source issues should be discussed and clearly identify the source of the source code in the contract. From these provisions during the construction site to review and identify gaps made remedies. Even need to hire security experts to review. Once you have a website programmed safety, need to put it on the host "clean" to limit the risks.

Human security from

With large sites, to have a server "clean", it should have its own server system. Thus the server administrator will have full management and control, free to make its own security policy for organizations, such as firewall configuration settings, open the port restrictions (port) ... Especially, do not hire host shared with other sites, this avoids the attack site "horizontally". This means that the website has been programmed generally safe but with store server unsafe websites built using the source code of unknown origin as stated above, the hackers will attack easily on the page insecure network, and from this will be easy "payments" are common sites on that server.

In addition to systematic technology standards, operational procedures are also important factors to ensure the safety of the website. In some companies, network administrators often connected to the network server (LAN) to easily access the system administrator. This is the wrong loophole to easily attack the internal website or unknowingly abetting external hackers attacked the website of the virus infecting the computers in the LAN and then take control of the server. A safety system need to design a virtual private network (VPN) to access the server and peer isolation entirely with the user. Users (reporters, editors) user password is not strong enough (short, do not combine letters and numbers, easy to remember ...) can also "help" hacker attack system easily.

The other news

• Email alerts containing malicious code that pretend the Ministry of Public Security demands ransom of up to $ 1,000
• What is the virus 'destruction' of the Wanna Cry?
• Ways to prevent and protect your computer from the free Wanna Cry virus
• How to patch Windows flaws to prevent WannaCry ransomware
• The risk of WannaCry virus spread in Vietnam