Malware threatens businesses in digital age

The digital economy has more opportunity for cyberattacks, especially from ransomware. The more businesses and users use technology online, the more opportunities hackers have to expand their attacks.


In 2017, WannaCry, a type of malware with the ability to infiltrate, lock and encrypt important data on users' devices, infiltrated and took control of more than 1,900 devices in Vietnam and forced many organizations to pay thousands of US dollars to restore the database.

In 2019, Vietnam had the highest encounter rate with ransomware in Asia - Pacific, with losses estimated up to $900 million recorded from this cyber-attack.

The rise of ransomware has worsened the situation, especially since the Covid-19 pandemic. The rapid digitalization has become a catalyst for unpredictable damage.

In 2020, up to 5,100 cyber-attacks were recorded in Vietnam and the economy suffered a loss of up to $1 billion. In 2021 it looks like the consequences will surpass the number of 2020, when by July alone there had been 3,900 cyber-attacks reported.

Email security also needs to be a top priority for companies because email spoofing is one of the most common attack methods. Vietnam recorded 547 phishing attempts in the third quarter of 2021. Ransomware attackers 'baited' users to click on links or disguised files in their emails, which downloaded malicious code into the devices of users.

According to Kaspersky's IT Security 2020 survey, Indonesia, Thailand and Vietnam experienced the most phishing attacks in the region in 2020. As Vietnam's digital economy is forecast to hit $52 billion by 2025, local businesses will face more sophisticated cybersecurity risks.

Ransomware is a problem of not only Vietnam but many countries around the world. Colonial Pipeline, America's largest pipeline system for refined oil products, had to close in 2021 because its information technology network was attacked, causing major disruptions to gas distribution. Just a day later, the company had to pay a ransom of $5 million.

Hackers injected malicious code into VSA software - a tool that allows small and medium businesses to control their networks of computers and printers remotely, as well as automatically perform security updates and server maintenance periodically. They demanded a ransom of $70 million to restore all the data of the affected businesses.

But paying the ransom does not always return the expected results. Some 33% of companies affected by ransomware globally in 2019 decided to pay the ransom, but up to 22% of them never regained access to data and 9% even faced more attacks.

What is ransomware?

Ransomware is one of the most notorious types of cybercrime. It is a piece of malicious code that attacks through emails, texts, advertisements, or other forms of communication that appear to be innocuous.

What makes ransomware so dangerous is that it doesn't just stop at infiltrating or damaging files and devices. Ransomware gains access to a device or database often by masquerading as a suspicious file or link.

Hackers demand a big ransom for the unlocked password, and failure to pay within the deadline they offer will often result in the data being destroyed or publicly released. This can have dire consequences such as a serious breach of user privacy and/or disclosure of trade secrets.

With more organizations moving to the cloud to accelerate their digital transformation, stronger protection of endpoint of devices is needed to protect as well as fight against ransomware because ransomware can also take advantage of the enhanced, always-open connectivity nature of the cloud to increase its spread.

A malicious software or application on an infected device may request access to the organization's cloud. Once granted, the program can then encrypt data directly in the cloud and even pass it on to other connected users, from which the attack is rapidly multiplied at a high rate, causing huge damage to the business.

Businesses and organizations that regularly process sensitive and important data or need constant access to data are more likely to be a target for ransomware.

Preventing attacks

Nguyen Son, vice president in charge of solutions and services of Cloud4C, says that facing the consequences of ransomware attacks such as serious disruptions in business as well as a huge loss of money, "prevention is better than a cure".

The first step that Vietnamese organizations and businesses should take is to solidify their security infrastructure with a strong, trusted endpoint security solution.

Cybersecurity solutions are often installed on endpoint devices that help detect and prevent malware from infecting devices in the first place. Other preventive functions include security upgrades for each device and warn users against malicious websites or directories.

According to Son, many people are using personal devices to work from home, which is more convenient but causes a serious problem in network security. Personal devices are generally much less secure than business devices because they often have lower layers of protection or access the Internet over unprotected networks.

As employees' security risks are often the greatest, businesses should reduce risk by providing cybersecurity training courses by IT professionals to their employees, as well as ensure that employees can identify threats and adhere to security protocols to avoid creating security holes.

According to the expert, ransomware attacks are evolving and becoming more sophisticated, so improvement and updates are always essential in the action plan.

Vietnamese organizations and businesses need to keep pace with the development of the digital economy, take advantage of the expertise of a third party, and maintain their strong security infrastructure to confidently pursue development in the digital technology era.

In 2019, the Vietnam Cybersecurity Emergency Response Teams/Coordination Center (VNCERT/CC) was established. The new e-Government development strategy for the 2021-2025 period was announced in 2021, taking safety and network security as one of the nation's key tasks.

In 2020, Vietnam ranked 25th out of 182 countries in the Global Cybersecurity Index 2020 of the International Telecommunication Union (ITU). This was the highest ever ranking in the index for Vietnam.

Nguồn: VNN