Malware threatens businesses in digital age

The digital economy has more opportunity for cyberattacks, especially from ransomware. The more businesses and users use technology online, the more opportunities hackers have to expand their attacks.

In 2017, WannaCry, a type of malware with the ability to infiltrate, lock and encrypt important data on users' devices, infiltrated and took control of more than 1,900 devices in Vietnam and forced many organizations to pay thousands of US dollars to restore the database.

The rise of ransomware has worsened the situation, especially since the Covid-19 pandemic. The rapid digitalization has become a catalyst for unpredictable damage.

In 2020, up to 5,100 cyber-attacks were recorded in Vietnam and the economy suffered a loss of up to $1 billion. In 2021 it looks like the consequences will surpass the number of 2020, when by July alone there had been 3,900 cyber-attacks reported.

Email security also needs to be a top priority for companies because email spoofing is one of the most common attack methods. Vietnam recorded 547 phishing attempts in the third quarter of 2021. Ransomware attackers 'baited' users to click on links or disguised files in their emails, which downloaded malicious code into the devices of users.

According to Kaspersky's IT Security 2020 survey, Indonesia, Thailand and Vietnam experienced the most phishing attacks in the region in 2020. As Vietnam's digital economy is forecast to hit $52 billion by 2025, local businesses will face more sophisticated cybersecurity risks.

Ransomware is a problem of not only Vietnam but many countries around the world. Colonial Pipeline, America's largest pipeline system for refined oil products, had to close in 2021 because its information technology network was attacked, causing major disruptions to gas distribution. Just a day later, the company had to pay a ransom of $5 million.

Hackers injected malicious code into VSA software - a tool that allows small and medium businesses to control their networks of computers and printers remotely, as well as automatically perform security updates and server maintenance periodically. They demanded a ransom of $70 million to restore all the data of the affected businesses.

But paying the ransom does not always return the expected results. Some 33% of companies affected by ransomware globally in 2019 decided to pay the ransom, but up to 22% of them never regained access to data and 9% even faced more attacks.

What is ransomware?

Ransomware is one of the most notorious types of cybercrime. It is a piece of malicious code that attacks through emails, texts, advertisements, or other forms of communication that appear to be innocuous.

What makes ransomware so dangerous is that it doesn't just stop at infiltrating or damaging files and devices. Ransomware gains access to a device or database often by masquerading as a suspicious file or link.

Hackers demand a big ransom for the unlocked password, and failure to pay within the deadline they offer will often result in the data being destroyed or publicly released. This can have dire consequences such as a serious breach of user privacy and/or disclosure of trade secrets.

With more organizations moving to the cloud to accelerate their digital transformation, stronger protection of endpoint of devices is needed to protect as well as fight against ransomware because ransomware can also take advantage of the enhanced, always-open connectivity nature of the cloud to increase its spread.

A malicious software or application on an infected device may request access to the organization's cloud. Once granted, the program can then encrypt data directly in the cloud and even pass it on to other connected users, from which the attack is rapidly multiplied at a high rate, causing huge damage to the business.

Businesses and organizations that regularly process sensitive and important data or need constant access to data are more likely to be a target for ransomware.

Preventing attacks