SGGPO
According to Bkav, the consequences of data encryption incidents are often dire because data recovery is almost impossible.
On May 29, Bkav Cyber Security Company said that since the beginning of the year, Bkav's Technical Support Center has received hundreds of calls requesting help with ransomware. Bkav's virus monitoring system also recorded that in the first half of 2023, more than 77,000 computers in Vietnam had their data encrypted. Studying the rapid spread of this virus strain, experts pointed out the "Achilles heel" that caused many organizations to be blackmailed by ransomware.
Bkav said that in early May, a large enterprise with a team of experienced administrators who knew their systems was attacked by ransomware, and all of its more than 10TB of data was encrypted. Hackers demanded more than 4 billion VND in exchange for the decryption key.
In mid-May, another business was attacked by hackers, and its servers and personal computers were encrypted at midnight. Hackers demanded $9,000 in ransom for each encrypted computer. Bkav experts discovered that the system was attacked by the Jianliang encryption virus, which had never appeared before... Bkav's virus monitoring system also detected the STOP/DJVU and FARGO3 data encryption malware, which targets businesses and units using accounting data management software. According to statistics, a total of 261 servers were hacked from more than 6,000 different IPs.
Mr. Nguyen Tien Dat, General Director of Bkav's Malware Research Center, said that these are just a few of many cases showing the complacency of system administrators, which lets ransomware run rampant. Among the hundreds of cases that contacted Bkav for help, more than 50% of organizations and individuals did not use anti-virus software or had installed protection applications that were insufficient. In particular, there are units that hold a lot of important data but are frugal and use free anti-virus software. Free anti-virus software can handle common types of malware but is only suitable for protecting less important data, because it cannot automatically detect and completely remove data-encrypting viruses.
According to Bkav, data encryption malware uses many methods to attack a server directly: exploiting web service vulnerabilities, brute-force password scanning on SQL services, and exploiting operating system vulnerabilities. Another way is to attack a personal computer and, from there, silently scan and penetrate deeper into servers and other computers in the network...
“The consequences of data encryption incidents are often devastating because data recovery is almost impossible. Even if the victim agrees to pay, there is no guarantee that they will get their data back from the hacker,” said Mr. Nguyen Tien Dat.
To avoid data encryption attacks, experts from Bkav recommend that users and system administrators back up important data regularly; do not open internal service ports to the Internet when not necessary; evaluate the security of services before opening them to the Internet; and install anti-virus software strong enough to provide constant protection.