On April 1, Viettel announced the Report on Cyber ​​Security Situation in Vietnam in 2024. The report, published by Viettel Cyber ​​Security Company under Viettel Group, provides a comprehensive view of the current state of cyber security in Vietnam throughout the year, warns of increasing threats, and suggests preventive recommendations for domestic businesses.

Number of cyber attacks, data leaks, security vulnerabilities continue to increase

The report was developed by Viettel Cyber ​​Security based on data from the Cyber ​​Security Knowledge System (Viettel Threat Intelligence).

In 2024, the information security risk recording system in Vietnam will continue to spread, as evidenced by the increasing number of cyber attacks and increasingly sophisticated attack methods and scale.

Specifically, the amount of data encrypted by the attack was up to 10 Terabytes, causing total estimated damage of up to 11 million USD. These attacks not only encrypted data but also combined information theft to increase pressure and demand ransom.

The problem of data leakage also increased sharply in Vietnam with 14.5 million leaked accounts, accounting for 12% of the global number, leading to a lot of personal information and business documents being widely sold on online platforms.

Financial fraud and brand counterfeiting also became more complex in the past year. More than 4,000 fraudulent domains were recorded, down about 30% compared to 2023, but the number of fake pages and unauthorized brand use increased 3 times (nearly 1,200 pages).

Cybercriminals are using AI to create a series of fake emails and websites. The Finance and Banking sector remains the most targeted sector, accounting for 71% of all attacks.

In addition, the number of distributed denial of service (DDoS) attacks also increased significantly with more than 924,000 attacks recorded, an increase of 34% compared to the previous year. In particular, some attacks exceeded 1 Tbps, targeting Finance, Public Services and Technology organizations, causing serious disruption to operational systems.

According to the report, there were nearly 40,000 new security vulnerabilities discovered, an increase of 46% compared to 2023. Of these, 47% were High and Critical vulnerabilities, focusing on popular products and services such as VPN systems, web servers, and management software.

Organizations in Vietnam face risks from many unpatched vulnerabilities, with 143 vulnerabilities warned to pose a high risk of impact. Particularly, businesses in the Finance, Energy and Technology sectors where critical systems are frequently exploited by hackers.

Which Cyber ​​Attack Trends Will Increase in 2025?

The report also points out the cyberattack trends that will develop in 2025. Accordingly, criminals will increasingly exploit AI to create harder-to-detect malware, using deepfake technology with more sophisticated forms of voice, image or video forgery. IoT devices and Blockchain platforms become new targets for hackers, especially poorly secured devices and cryptocurrency trading platforms.

The explosion of the Ransomware-as-a-Service (RaaS) model also makes it possible for anyone to launch cyber attacks, without technical expertise.

Ransomware as a service (RaaS) is a cybercrime business model in which ransomware developers sell ransomware code or malware to other hackers, who then use the code to launch their own ransomware attacks.

Another worrying trend is the rise of Fileless Malware attacks, which exploit RAM and system administration tools like PowerShell to avoid detection by traditional security software.

In that context, Viettel Cyber ​​Security Company has made 5 main recommendations for businesses to proactively deploy protection solutions and minimize risks.

First, businesses need to build a 24/7 information security monitoring system, detect and handle attacks early. Second, apply a modern management model (Zero-Trust) to strictly control access to the system, preventing the risk of unauthorized intrusion.

Third, it is necessary to review and patch vulnerabilities regularly. Conduct periodic audits, prioritize fixing critical bugs, and assess security in the supply chain to avoid attacks through partners.

Fourth, invest in advanced security technologies such as External Attack Surface Management (EASM), SOC, Anti-DDoS to protect important information assets.

Finally, according to Viettel Security representative, businesses need to build an information security culture through periodic training and incident handling drills to minimize human risks./.

Source: https://www.vietnamplus.vn/145-trieu-tai-khoan-bi-ro-ri-vi-lo-lot-du-lieu-o-viet-nam-nam-2024-post1024110.vnp