WORDS ON THE STREET 70th anniversary of Hanoi's Liberation Day Vietnam - Asia 2023 Smart City Summit Hanoi celebrates 15 years of administrative boundary adjustment 12th Vietnam-France decentrialized cooperation conference 31st Sea Games - Vietnam 2021 Covid-19 Pandemic
Apr 26, 2021 / 18:29

US Department of Defense praises Vietnamese engineer

In April, the Vietnamese engineer was honored by the US Department of Defense for outstanding contributions to system information security and Vulnerability Disclosure Program.

Tran Dai Chi, born in 1992, received an honorable mention from the US Department of Defense (DoD) for ensuring national security against cybercrime in the country.

 Tran Dai Chi poses for photo with his degree from the Southern Methodist University in the US. Photo courtesy of Chi

Chi works as a security engineer at Amazon in Texas. In April, Chi’s nickname, "0xfatty", appeared on the Department of Defense Cyber Crime Center (DC3) website for outstanding contributions to system information security and Vulnerability Disclosure Program (VDP).

Each month, the DC3 would pick a researcher of the month who helped ensure security against offensive maneuver targeting computer network. In a statement on Twitter, the DC3 said the Vietnamese engineer had discovered two cyber-attack methods rated "serious." If exploited, it could "lead to a complete invasion of the system."

The Remote Code Execution (RCE) attack method Chi reported to the DoD relates to the CVE-2021-22986 problem of the F5 BIG-IP service being used by many agencies in the US.

"This vulnerability allows hackers to take control of the whole server and do anything they want on it. The potential risk is that the bad guys can launch an attack from one machine that could spread to many others," Chi said.

The US law is strict on cyberattacks, so Chi only detects and confirms security risks, reports and sends them to the DoD, which would typically turn off problematic servers prior to repairs.

Previously, Chi was honored by tech giants Apple and Google for his findings in the field of cybersecurity. Involved in the information security industry for less than three years, he has been raking in foreign accolades.