Ransomware is becoming increasingly popular and is a nightmare for businesses.

They mostly start from a vulnerability in agencies and organizations’ information systems. Attackers penetrate the systems, maintain their presence and expand the penetration sphere and control the organizations’ IT infrastructure, paralyzing the whole systems to force victims to pay a ransom.

The most dangerous feature of ransomware attacks is that attackers encrypt victims’ data with many different encryption algorithms at complex levels. In a newly released e-book about ransoware attacks, VSEC cited a report by Statista as showing that 72 percent of businesses worldwide experienced ransomware attacks in 2023, the highest figure ever reported. 

The reports on cyberattacks on information systems in Vietnam in the first months of the year showed a growing trend of APTs (advanced persistent threat), which encrypts data and tries to blackmail the recipient. At least four ransomware attacks to large corporations in Vietnam were successfully conducted. The victims were enterprises in the fields of securities, energy, telecommunications, and logistics.

The problem is that despite warnings by cybersecurity firms and experts, businesses believe that ransomware attacks only target large enterprises and organizations which have big data.

However, VSEC found that ransomware is not only a nightmare for large corporations, but also SMEs. VSEC has recently received a request for help from SMEs after their information systems were attacked.

In mid-June, a company with 100 workers in Hanoi became a victim of ransomware attacks. The hackers encrypted the data of the enterprise and paralyzed the internal exchange system.

The hackers requested ransom of VND20 million and after negotiations, and the business had to pay VND10 million to get back the data. After that, it contacted VSEC and asked to help inspect its information system and fix vulnerabilities.

VSEC noted that ransomware attackers now tend to target SMEs because the enterprises have weak information systems with vulnerabilities, and because it is easier to negotiate with the ransoms victims about pay.

When being attacked, most SMEs accept to pay a "reasonable ransom" to recover their information systems quickly. However, experts have warned that even when SMEs pay a ransom to hackers, hackers could come back and encrypt data for blackmail once again. And if their systems still consist of vulnerabilities, they will become the targets of other hackers.

Trong Dat