Warning information about ransomware has just been shared by expert Vu Ngoc Son, Head of Technology Research Department, National Cyber ​​Security Association.

Specifically, according to Mr. Vu Ngoc Son, in just the past 2 weeks, a series of Double Extortion Ransomware attacks have occurred consecutively and this is also likely to be the main trend of cyber attacks in 2024. The latest victims of this form of attack are Schneider Electric, Kansas City Public Transportation Authority (USA), British Library, ESO Solutions (USA).

Explaining further about this form of cyber attack, experts from the National Cyber ​​Security Association analyzed that double ransomware is a form of "terrorist" attack on victims.

Accordingly, the victim's computer systems will first be slowed down when all data will be inaccessible due to encryption. The victim is forced to pay a ransom to "return" the data decryption key. Next, the hacker can continue to sell this data on the black market, causing the risk of data leakage. The sold data may contain sensitive data, affecting the victim's business and production activities.

network attack 3 1.jpg
Diagram of hacker's double ransomware attack. (Photo: NCS)

In Vietnam, although there has not been any official record of a similar incident with double ransomware in the past. However, system administrators need to be extremely vigilant because the time near Tet and the Lunar New Year holiday is always a favorite time for hackers. This is the time when systems will be "off" for a long time, administrators will not be on duty continuously as usual, if attacked, it will be difficult to detect, and the time to handle the incident will also be longer because it is not possible to mobilize forces as quickly as usual.

According to the NCS report, 2023 also recorded many ransomware data encryption attacks with serious consequences. Up to 83,000 computers and servers were recorded to be attacked by data encryption malware, an increase of 8.4% compared to 2022.

In particular, in the fourth quarter of 2023, the number of data encryption malware attacks increased sharply, exceeding the average of the first three quarters of the year by 23%. Some key facilities also recorded data encryption attacks during this time. The number of data encryption malware variants appearing in 2023 was 37,500, an increase of 5.7% compared to 2022.

W-tan-cong-mang-1-1pg-1.jpg
The increase in ransomware attacks on businesses and organizations is predicted to be one of the four information security trends in 2024 in Vietnam. (Illustration: NS)

In the newly released report on the risk of information security loss in Vietnam in 2023, Viettel Cyber ​​Security's technical system recorded at least 9 ransomware attacks targeting large companies and organizations in Vietnam. These attacks encrypted hundreds of GB of data and extorted at least 3 million USD, causing disruption and heavy damage to the targeted companies and organizations.

The trend of 'Ransomware as a Service' is increasing and focusing on enterprise organizations. The sectors most affected by Ransomware in 2023 are large organizations and enterprises, especially in the fields of banking, finance, insurance, energy...

Viettel Cyber ​​Security experts also stated that increasing ransomware attacks on businesses and organizations is one of the four technology and information security trends in 2024 in Vietnam. Businesses around the world and in Vietnam can become victims of ransomware. The top weaknesses leading to ransomware attacks on organizations often focus on people, software vulnerabilities and digital assets on the Internet such as websites and applications.

Actions taken by businesses to protect their organizations against ransomware attacks include: Focusing on employee training, increasing awareness of attacks in the form of emails with fake links, while increasing the identification of phishing forms and initial handling of suspicious files; Using data recovery and backup solutions, ensuring data integrity when attacked by encryption.

Along with that, businesses also need to increase the use of information security update solutions such as Threat Intelligence, promptly grasp the attack situation and proactively respond; Focus on digital asset and vulnerability management, ensure that important software and vulnerability patches are always updated regularly, minimize attack surface; Deploy data protection solutions and access rights through multiple layers of authentication.

At the same time, it is necessary to plan for system-wide information security protection, continuously monitor information security and prepare for incident response, including protection solutions at all layers, personnel handling and response procedures, and solutions when the system becomes the target of attack.

Many new malware targeting smartphone users will appear in 2024 In 2024, smartphone users are expected to face more new types of malware that can penetrate, exploit vulnerabilities and take control of phones, including devices running Android and iOS operating systems.