Network attacks occur continuously on a large scale

The incident of being attacked by data encryption malware - ransomware, which occurred at one of the top 3 securities firms in the Vietnamese stock market on the morning of March 24, has caused many concerns for many businesses and organizations. The incident is being resolved, data has been decrypted, the search system is back in operation, and users are advised to change their usernames and passwords to minimize information leakage and control their accounts.

Additionally, over the past week, another e-commerce company has also fallen victim to cybercriminals. The world's largest hacker groups are becoming increasingly sophisticated and organized, with Vietnam being a prime target for these groups. Ransomware attacks have been a haunting concern for businesses and organizations worldwide in recent years due to the severe consequences they can cause.

Mr. Nguyen Minh Hai, Technical Director of Fortinet Vietnam, said that depending on the severity of the attack, the level of preparedness, and the effectiveness of the response plan, the time required to recover the system after a ransomware attack can vary greatly, ranging from a few hours to several weeks for complete restoration, especially in case of requiring the recovery of a large amount of data.

“As part of this recovery process, it involves ensuring that the data encryption malware has been completely removed from the network and no backdoors are left behind that could allow attackers to regain access," Mr. Nguyen Minh Hai stated. (According to VietnamNet)

The network attack incident resulted in the encryption of all data, leading to disruptions in business operations. The restoration of systems and data after a ransomware attack is a complex and time-consuming process, especially for entities that manage large amounts of data.

Small vulnerability, big risk

According to authorities, information security in Vietnam is currently at a moderate level. Statistics from NCS show that in 2023, up to 83,000 computers and servers in Vietnam were affected by ransomware attacks. Recent events have sounded alarm bells for businesses still uncertain about the safety of their data assets. These incidents serve as reminders of the hidden dangers of ransomware attacks and underscore the importance of effective prevention and response measures.

Understanding the 'paths' hackers commonly use to infiltrate systems can help organizations defend against potential attacks.

Common attack methods include:

• Exploiting Software Vulnerabilities: One of the most common pathways hackers use is exploiting vulnerabilities in operating systems, applications, or web software. These vulnerabilities can allow them to execute malicious code, gain unauthorized access to systems, or elevate their privileges.
• Phishing Attacks: Phishing is one of the most effective cyber attack methods. Hackers use emails, messages, or spoofed websites to deceive users into providing login information or downloading malware. Phishing emails are often designed to look like legitimate emails from reputable organizations, such as banks or service companies. 
• Brute Force Attacks: Brute Force attacks are the solution involving attempting to guess passwords or PINs using automated software. Hackers use these tools to try numerous passwords until they find the correct one. This method is often used to target accounts with weak passwords.
• Zero-day Attacks: Zero-day attacks are particularly dangerous as they exploit security vulnerabilities unknown to the software developer. Hackers typically use malware or sophisticated attack techniques to exploit these vulnerabilities.

• Social Engineering Techniques: Social Engineering is a method of attack that exploits psychological factors to trick users into disclosing sensitive information or performing dangerous actions. Hackers often use techniques such as deception, impersonation, or intimidation to achieve their goals.

Cybersecurity offers only temporary safety, not permanent security.

Hackers constantly seek new pathways to infiltrate network systems, making every individual and business vulnerable. Therefore, enterprises and individuals need to implement effective preventive measures to minimize the risk of attacks not only at one point in time but continuously and consistently.

To prevent ransomware attacks, businesses need to implement the following measures:

• Regular System Updates: Keeping systems updated helps to patch vulnerabilities and detect potential entry points for hackers, thus enhancing appropriate security measures.

Security Assessment Services provided by HPT include: Penetration Testing Service, Security Configuration Assessment Service

• Utilize Security Software: Security softwares can help detect and prevent ransomware attacks.
• Regular Data Backups: Regular and continuous data backups enable businesses to effectively respond to and recover data in case of a ransomware attack.
• Centralized Monitoring and Standardized IT Operations Procedures to ensure that procedures are implemented on information systems in accordance with recommended information security regulations, and to limit the 'loopholes' through which hackers can infiltrate.

Learn more about Information Security Monitoring and Alerting Solution, HPT's 24/7 SOC Monitoring and Alerting Service

• Having a plan to invest in enterprise security and being well-prepared to respond to attacks: According to a survey by KPMG, out of 142 CEOs from banks worldwide, only 54% reported that their businesses were well-prepared for cyber attacks. A good solution is to be well-prepared, so there's no time to hesitate; businesses need to build a plan to protect their enterprise data assets today.
• Raising awareness among employees: User awareness is paramount to ensuring the safety of enterprise data assets. It's essential to enhance employee awareness of the risks of ransomware attacks, how to recognize them, and preventive measures.

Enhancing user login information security and preventing authentication attack behaviors with YubiKey
Explore YubiKey products further on HPT's official online store: https://hpttechstore.com/

HPT - A leading and reputable provider of security solutions for enterprises.

Ensuring data safety for businesses is always considered a top priority, as data is the backbone of any enterprise. With nearly 30 years of experience in the IT industry, particularly in information security, HPT is committed to accompanying businesses in finding the most optimal and suitable solutions to enhance security and data safety. HPT's team of top experts is always ready to advise and address any customer inquiries.

Contact HPT today!

Email: [email protected]

Phone: 028 38 266 206