On April 10, the Vietnam Cyber Security Association (VNISA) issued a warning to agencies, organizations and businesses nationwide, especially the Association's members and partners, about the trend of ransomware attacks.
Experts from the Department of Information Security (Ministry of Information and Communications), the Department of Cyber Security and High-Tech Crime Prevention - A05 (Ministry of Public Security) and large enterprises in the field of cyber security and safety all have the same opinion: Ransomware attacks are a prominent trend in 2024 and the following years. With ransomware attacks, experts also agree that 'prevention is better than cure'.
In a new warning, VNISA stated: The increasing dependence on digital data and the Internet in all areas of social life has made organizations and individuals more vulnerable to cyber attacks, including ransomware attacks.
Pointing out the four main steps of a ransomware attack, VNISA commented: “The danger of ransomware lies not only in its ability to encrypt data, its methods of propagation, and its demands for ransom, but also in creating a financial transaction channel through which hackers can make illegal profits. The sophistication and unpredictability of ransomware attacks make them one of the biggest challenges to cybersecurity today.”
From a preliminary summary of the picture of ransomware attacks in Vietnam and recent recommendations and instructions from authorities, VNISA has made a number of recommendations to agencies, organizations and businesses.
Specifically, the Association recommends that agencies, organizations and businesses immediately review the security of their systems according to the instructions of the authorities, focusing on detecting signs of system intrusion for timely handling.
Units need to review and re-evaluate whether the information system under their management meets current regulations, in order to supplement and invest in information security appropriately; build a specialized information security team with sufficient capacity; and regularly train officers and employees to improve their information security awareness and skills. In case there is no specialized team, units can hire information security services from domestic enterprises.
VNISA also recommends that units focus on investing in and deploying strong monitoring solutions to detect unusual signs as well as early warnings of cyber-attack risks, and that they review, inspect and evaluate information security to promptly detect and fix system vulnerabilities and weaknesses.
Units should regularly back up data and deploy backup systems for information systems to ensure continuous service provision and operation when the main system fails.
At the same time, they should strictly implement and comply with regulations on data protection, especially for customer-related data systems according to current regulations, to prevent cyber attacks and minimize risks.
In case of detecting a cyber attack or information security incident, VNISA recommends that units immediately notify the authorities for support, guidance on response plans as well as investigation, handling and system recovery.
Speaking at the regular press conference of April 2024 of the Ministry of Information and Communications held on April 8, Mr. Tran Nguyen Chung, Head of the Information System Security Department, Department of Information Security (Ministry of Information and Communications) said: Currently, both the level of investment as well as the activities of compliance with legal regulations on information security of agencies, organizations and enterprises are not commensurate and do not meet the requirements. Not only that, agencies, organizations and enterprises also tend to hide information when encountering information security incidents or cyber attacks.
The recent ransomware attacks on a number of Vietnamese enterprises show that the information systems of enterprises, especially the systems that manage and store a lot of user data, are just as important and need to be protected and secured as the information systems of government agencies.
“The Government’s Decree 85 on ensuring information system security has very clear regulations and requirements on criteria for classifying information systems into 5 levels. Information systems of state agencies or enterprises providing services to people need to be identified at their levels in order to have appropriate and corresponding measures and plans to ensure information security,” emphasized a representative of the Department of Information Security.
The Department of Information Security has also issued the 'Guideline for compliance with legal regulations and enhancing information system security at all levels' (Version 1.0), along with developing a 'Guideline for preventing and minimizing risks from ransomware attacks' for agencies, organizations and enterprises, aiming to ensure national cyberspace security. These are useful documents to help agencies and organizations smoothly implement information system security at all levels, meet the requirements, proactively prevent and protect the unit's important information systems from potential cyberattack risks.