Hanoi (VNA) - The amount of personal information stolen in cyberspace increased by 50% in the first six months of this year compared to the same period in 2023, according to a report on cyber security situation released on August 26 by the Military Industry and Telecoms Group (Viettel).
It said the number of websites impersonating organisations and businesses rose four times in the reviewed period, increasing the number of scams and financial frauds.
The report provided information on data leaks and security vulnerabilities affecting Vietnamese businesses, ransomware attacks, and denial of service attacks (DDoS).
Statistics from Viettel Threat Intelligence showed that information security risks were rising during January-June. Specifically, 46 data leaks of businesses and organisations in Vietnam were recorded in the reviewed period. Of these, the most leaked information was customer information and purchase information from businesses in the retail sector.
About 17,000 new vulnerabilities emerged in cyberspace, of which more than half were at high and serious levels according to the Common Vulnerability Scoring System (CVSS). Among them, 71 vulnerabilities are at risk of affecting organisations and businesses in Vietnam.
During the January-June period, the amount of data encrypted by attacks reached 3 Terabytes with a total estimated loss of more than 10 million USD. Many attacks were reported in various fields such as finance, public services, information technology, and manufacturing.
Viettel Threat Intelligence recorded that 56 organisations in these fields were initially attacked with ransomware but had not had their data encrypted. In addition, there were about 500,000 DDoS attacks, a year-on-year increase of 16%.
Viettel Cyber Security (VCS) company recommended that organisations and businesses review backup systems, ensuring that backup data is physically and logically separated from the main systems, and can be recovered when the main system is under attack.
Businesses should tighten access rights and manage servers and access control systems, add multi-factor authentication mechanisms for key systems and accounts, and regularly update patches for internet-facing applications. It is essential for them to proactively grasp information about cyber attack incidents and trends to take the initiative in handling and ensuring information security, VCS added./.