Many ransomware attack groups target systems in Vietnam
Data recorded from the technical system of the National Cyber Security Monitoring Center NCSC under the Department of Information Security (Ministry of Information and Communications) as well as the National Cyber Security Center under A05 (Ministry of Public Security) all indicate that recently, ransomware attack groups are focusing on attacking Vietnamese organizations and businesses.
Since the end of March, from the discovery of ransomware attacks on information systems in Vietnam with an increasing trend, in the updated information on April 6, the Department of Information Security said that ransomware attack campaigns are appearing in cyberspace targeting agencies, organizations and businesses in Vietnam.
NCSC's monitoring system also recorded that ransomware attack groups focused more on organizations operating in the fields of finance, banking, energy, telecommunications, etc. In fact, ransomware attacks on the systems of some Vietnamese enterprises in recent days have caused damage to assets, affected brand reputation, and especially disrupted the business operations of these units.
Speaking on the sidelines of the seminar "Preventing ransomware attacks" held on April 5, Mr. Pham Thai Son, Deputy Director of NCSC, through analyzing and identifying the causes and targets of recent attacks on information systems in Vietnam, the Department of Information Security found that many different attack groups have chosen to target the systems of domestic organizations and businesses such as Lockbit, Blackcat, Mallox...
The NCSC representative also said that although ransomware attacks have existed for a long time, the sophistication, complexity and professionalism of the attack groups are now much higher than before. Meanwhile, although Vietnam is accelerating digital transformation, many activities are moving to the digital environment; but there are still many domestic organizations and businesses that have not fully ensured the security of their information systems, making the systems easy targets for hacker groups.
Mr. Pham Thai Son also shared that the Department of Information Security regularly and continuously issues warnings about new vulnerabilities and new attack trends to agencies, organizations and businesses so that units can update and handle errors promptly. However, the reality is that many organizations and businesses have not really paid attention to handling them, nor have they invested properly to ensure information security.
According to statistics, after more than 7 years since the Law on Network Information Security and Decree 85 on ensuring information system security by level came into effect, up to now, more than 33% of information systems of state agencies have not completed the approval of information system security levels, and the rate of systems that have fully implemented protection measures according to the proposed level documents is even lower, only about 20%.
Sharing the same view, the representative of the National Cyber Security Center, Department A05 also stated: The situation of cyber security and safety in Vietnam is becoming more and more complicated, with the frequency of attacks increasing and the damage also becoming greater. About 2-3 years ago, hackers taking away 40-50 billion VND was considered very large, but now there are cyber attacks causing damage of up to 200 billion VND.
Emphasizing that Vietnam is actively transforming digitally but many organizations have not paid due attention to network safety and security, the representative of the National Cyber Security Center also pointed out a number of serious attacks on units in the fields of communications, energy, banking and finance, payment intermediaries, and securities that occurred in Vietnam's cyberspace from September 2022 to April 2024, with an increase in the scale and frequency of attacks.
Paying ransom for data would set a bad precedent
Notably, although they all agree on the extremely dangerous level of ransomware attacks, because once data is encrypted, there is almost no chance of decrypting the data, and the recovery rate is almost zero, experts still recommend that agencies and organizations do not pay hackers to ransom encrypted data.
A representative of the National Cyber Security Center said that the parties participating in the world's anti-ransomware initiative all agreed that it was necessary to encourage units not to pay because it would create demand, stimulating cyber attack groups to focus more on attacks.
“If units are resilient to attacks, the motivation of hacker groups will decrease. Last March, a unit in Vietnam paid a ransom to restore the system. We have warned that this sets a bad precedent for that business and other units in the market. There are currently no specific regulations, so whether or not to pay ransom for data is still the choice of the business or organization,” said a representative of the National Cyber Security Center.
Talking to VietNamNet reporters about this issue, expert Vu Ngoc Son, Technical Director of NCS Company, also said: The general trend in the world is to try not to pay ransom to hackers, not to create a bad precedent because this action can encourage hackers to attack other targets in the country or encourage other hacker groups to continue attacking businesses and organizations that pay ransom.
The general advice from authorities and experts is that businesses and organizations need to “prevent rather than fight” when facing ransomware attacks. In the ‘Handbook for preventing and minimizing risks from ransomware attacks’ launched on April 6, the Department of Information Security recommended 9 measures for businesses to proactively prevent this dangerous type of attack.
Source
Comment (0)