SGGPO 06/23/2023 11:08

In the first 6 months of 2023, there were 5,100 cyber attacks on systems in Vietnam; nearly 400 websites of agencies and organizations with the domain names .gov.vn and .edu.vn were hacked, with gambling and betting advertising codes inserted; a series of online frauds continuously occurred.

On June 23, the Vietnam National Cyber ​​Security Technology Company (NCS) released a report summarizing the situation of Vietnam's Cyber ​​Security in the first 6 months of 2023. Accordingly, the first 6 months of 2023 recorded an outbreak of online fraud. Although many warnings have been issued, the number of victims of fraud has increased continuously and shows no signs of cooling down.

The damage in some cases is up to hundreds of millions of dong, while the forms of fraud are increasingly sophisticated and unpredictable. The most prominent are the "easy work, high salary" scams that have broken out, especially when the scammers have shifted their "area" of operation from Zalo to Telegram. With the Telegram network, they can easily create groups with a large number of people, not limited to small groups, and not subject to the control of management agencies in Vietnam. With Telegram's design, when discovered, the subjects can quickly retrieve messages, images, and delete groups to avoid being traced.

Online fraud has increased in many different forms in Vietnam recently.

Compared to 2022, scams via calls via Zalo and Facebook Messenger are becoming more sophisticated, with the emergence of Deepfake technology making it easier for victims to be fooled because they can see and hear directly through images and sounds.

Not only impersonating relatives and friends, scammers also impersonate police officers, making it difficult for victims to know what is real and what is fake. Fraud attacks using fake BTS stations to spread Brandname SMS messages show signs of shifting their operations to the suburbs of big cities to avoid being raided by authorities. Although the form and content of the fraud are not new, many people are still being fooled.

In addition to raising awareness, people are also looking forward to stronger measures from management agencies such as blocking SIM cards, junk numbers, and junk bank accounts to help quickly eliminate fraud and bring cleanliness to the online environment.

According to NCS statistics, in the first 6 months of the year, the number of websites of state agencies with the domain name .gov.vn and educational organizations with the domain name .edu.vn that were hacked, infiltrated, and had gambling and betting advertising codes inserted into them reached nearly 400 websites.

This is a relatively alarming number, not only inserting advertising links, hackers when controlling the system can steal the database, including personal data of users, can even post malicious content or links to spread malware in the future. In addition to reviewing to fix, it is time for agencies and organizations to pay serious attention to their website systems and information portals, need to arrange specialized forces or outsource operations services, ensure network security.

The risk of critical systems being targeted by ATP is always present.

NCS statistics show that in the past 6 months, the number of cyber attacks on Vietnam's systems was 5,100, down about 12% compared to 2022. However, APT attacks on key facilities increased by about 9% compared to the same period in 2022. The reason is that key facilities always have a lot of important data and great influence, so they are the favorite targets of hackers.

NCS experts said that APT attack campaigns on network systems in Vietnam in the first 6 months of the year focused on 3 main forms of attack: attacking users via email, fake email content with malicious attachments in the form of text files or fake login links to take over user accounts; attacking through software vulnerabilities on servers, most of which are systems using Microsoft software such as Exchange, SharePoint; attacking through website vulnerabilities, especially SQL Injection vulnerabilities or through probing website and server administrator passwords.

After penetrating a component of the system, which can be a user's computer or a vulnerable server, the hacker will lie low, collect login information, and then continue to expand the attack to other computers in the network. In fact, APT attacks can last for several weeks or even months. However, many agencies and organizations do not have a network security monitoring system or specialized experts, so by the time they are discovered, a lot of data has been lost, and hackers even have enough time to erase traces of intrusion, making it difficult to investigate and fix the problem. To prevent APT attacks, agencies and organizations need to review the entire system, collect full activity logs, assign specialized people or outsource network security monitoring services.