In recent times, many businesses in Vietnam such as VNDIRECT VPOIL… have spoken out about being attacked by data encryption. The incident caused disruption to operations and material damage to the image of the businesses involved.
Faced with this situation on April 5, Information Technology Journalists Club Vietnam news (Vietnam ICT Press Club) has coordinated with the National Cyber Security Association Organized the seminar “Prevention of ransomware data encryption attacks”.
The goal of the discussion is to update developments in the cybersecurity situation from the beginning of 2024 to the present. From there, experts attending the discussion will clarify the meaning of encryption attacks as well as give advice to businesses when encountering this situation.
Encryption Attacks: The War of the New Age
< p>According to Mr. Vu Ngoc Son, Technical Director of National Cyber Security Technology Joint Stock Company (NCS), the form of hacker attacks in recent times is relatively similar. They lie undercover for a while and then encrypt the data for ransom.
The method for a basic hacker attack as clarified by this expert includes 8 steps starting from intrusion detection… to encryption and ransom demand… and then repeat.
However, the techniques used in recent attacks are not the same. Therefore, it is possible that these are attacks by different cybercriminal groups.
“There is no evidence to show that this is an organized campaign,” Mr. Son affirmed. “However, this possibility cannot be ruled out because the incidents occurred continuously in a fairly short period of time.”
NCS’s cybersecurity expert predicts the story happening with VNDIRECT or VPOIL will be repeated again in the near future and will be encountered many times in the future.
Agreeing with this opinion, Mr. Le Xuan Thuy, Director of the National Cyber Security Center of the Ministry of Public Security, also believes that the frequency of attacks of similar incidents will increase more and more. focusing on large systems.
That is because the majority of Vietnamese businesses do not pay due attention to safety and security issues despite the rapid wave of digital transformation. and strong.
“Many companies have neglected information security systems or are linked to member units security but still weak… These are the main reasons why many companies become victims of attacks.”
In addition, there is a delay in notifying the authorities when an incident occurs. Trying to be confused without an investigation plan and hastily responding to restore the system… all make the situation worse and even lose traces of the attack.
We need to immediately abandon the mentality of “losing a cow to build a barn”
Speaking at the seminar, Mr. Pham Thai Son, Deputy Director of the National Cyberspace Safety Monitoring Center experts (Ministry of Information and Communications) emphasized that although the risk of cyber attacks in Vietnam is still high, the awareness of the majority of businesses on this issue is still not good.
“Variation from For us, there still seems to be a delay in converting awareness into action,” Mr. Son shared. “It seems like we have to see something happen before we can start to react. That’s not advisable at the current rate of information technology development.”
Mr. Vu Ngoc Son believes that cyber attacks are now increasingly professional in scale. Many attacks have scientific organizations behind them to research security vulnerabilities and even invest large sums of money to buy security vulnerabilities with the aim of increasing the success rate when performing the attack.
Therefore, businesses also need to flexibly adapt to improve the monitoring and response process instead of just focusing on conventional prevention.
“Cybersecurity is a war between people and people,” Mr. Son said. “It is inevitable that a system will be attacked. We must invest in defense to have better responses, especially to avoid the mentality of “losing cows to build a barn” and should consider this as a long-term process. resistance period”.
According to statistics, from the beginning of 2023 until now, there have been more than 13,750 cyber attacks on computer systems. Information system in Vietnam causes problems. In particular, in the first 3 months of this year alone, the number of cyber attack incidents on information systems in Vietnam was 2,323.
Faced with this issue, the Information Security Department has asked agencies to organize Business organizations in the coming time will focus on implementing a number of other tasks such as: Reviewing the organization and implementation of information security assurance by level; Organize and effectively implement regularly and continuously the work of ensuring information security according to the 4-layer model; Develop incident response plans for information systems under management; Implement a plan to periodically back up systems and important data to promptly restore in the event of a data encryption attack…
According to current statistics, Vietnam meets over 90% of the requirements. solutions to ensure domestic network security. Vietnam is also one of the few countries that can be self-sufficient in cybersecurity solutions. Vietnam also has a full range of network security products and solutions such as transmission protection, firewall, monitoring, attack detection and anti-attack…
However, Vietnam’s network security solutions Vietnam still faces many difficulties in competing with foreign solutions such as lack of human resources, lack of investment capital, lack of Government support, lack of customer trust…
Because There needs to be synchronization and coordination between domestic and international business organizations and agencies to improve the quality and effectiveness of Vietnam’s cybersecurity solutions. Especially the efforts of businesses that research and develop Made in Vietnam solutions are needed.
“