NCS experts predict that attacks of this kind will continue to increase for the remaining months of the year.
The Vietnam National Cyber Security Technology Corporation (NCS) has published a report on cybersecurity in the first six months of 2023, showing that there were 5,100 cases during that time, down 12 percent compared with 2022.
However, the number of APT attacks on important establishments increased by 9 percent compared with the same period last year. Important establishments are agencies which contain important and influential data, and are the favored aim of hackers.
The APT attacks were mostly carried out by one of three ways: attacking users via emails, attached with document files with malware or links to appropriate users’ accounts; attacking via holes of software on server, mostly systems using Microsoft’s software such as Exchange, SharePoint; and attacking vi holes of websites, especially SQL Injection, or detecting password of websites and servers’ administrators.
After successfully penetrating a part of the system, which can be a user's computer or a vulnerable server, hackers carry out undercover activities, collecting log-in information and expanding attacks to other computers in the same network.
APT attacks could last a couple of weeks, or even several months. Many agencies and organizations still don’t have SOC (security operations centers), or they have SOC, but still cannot collect enough logs and don’t have specialists in charge of cybersecurity.
Therefore, when attacks and data loss are discovered, hackers even have enough time to erase all traces of intrusion, thus putting difficulties for the investigation and troubleshooting process.
400 websites with gambling ad codes
The report also mentions the outbreak of online scams and hacking of agencies and organizations with domain names ".gov.vn" and ".edu.vn" with the aim of inserting gambling and betting advertisement codes.
Despite warnings, the number of victims of phishing cases keeps increasing, with losses of up to hundreds of millions of VND.
The most common cases were the ones when victims were contacted by hackers and promised that they would be helped to find ‘good jobs with high salaries’. However, the ‘field of action’ of hackers has moved from Zalo to Telegram. Telegram allows to easily set up groups of high numbers of people and it doesn’t bear the control of Vietnam’s management agencies.
With the design of the social network, hackers can quickly recall messages, images and eliminate groups once they are discovered to escape investigations.
Van Anh