At the Vietnam Information Security Day 2023 held recently, new information about the escalation of cybercriminal types was shared among information security units at agencies, organizations and businesses.
Pramut Sriwichian from Veritas said at the workshop on ensuring information security for data infrastructure on November 30, an event within the framework of the day, that the number of ransomware attacks has been increasing rapidly since 2019.
The main attack method used by hackers is installing malware in systems. The malware will hide inside the systems, scan vulnerabilities to collect data, and then encrypt data to demand ransom, or sell in the black market. The average time malware can exist in information systems without being detected is 73 days.
Many large corporations and commercial banks have become victims of the escalation of these types of attacks and have to pay money in exchange for stolen data.
According to the expert, the victims of the attacks are mostly in European countries and the US. Attacks might also be carried out in Asia, but not all businesses and organizations report attacks. That is why statistics about cybercrimes may not reflect the real situation.
In Vietnam, according to Statista, there were many security incidents that occurred in 2017-2022. A high number of attacks was recorded in 2017, while the figures decreased in 2018 and 2019 before rising again in recent years.
“The number of cyberattacks targeting Vietnam is extremely high. If Vietnam wants to become a digital hub of the world, it has to solve the data security problem,” he commented.
According to Trieu Hong Bien, a security expert from CheckPoint, the work-from-home tendency which became more popular after Covid-19, has enlarged the attack surface for hackers. In addition, the strong rise of generative AI is also a growing trend that cybersecurity staff need to pay attention to.
ChatGPT can be used by hackers as a tool to write phishing mails. However, ChatGPT has set some limits on ChatGPT’s answers for ethical purposes.
However, in the underground world, many rivals of ChatGPT have appeared, including WormGPT, WolfGPT and FraudGPT and tools don’t bear any restrictions.
“There are many such generative AI (artificial intelligence) tools being developed on dark webs and they have posed the highest ever danger to information security,” Bien said.
Cyberattacks have developed to a new level when hackers provide attacks as a service. They not only accept purchases as usual, but also offer other options to ‘buyers’, including sharing profits with buyers under the mode of binary compensation plan like the one used in MLM business.
Major General Le Minh Manh, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention (A05) under the Ministry of Public Security, said cyberattacks are conducted more and more regularly.
The main goal of hackers is attacking information networks of state agencies and large corporations to steal information, internal data, and State secrets.
Hackers use sophisticated methods and tricks, constantly upgrading and improving malicious code lines, and exploiting the political and social situation in Vietnam to adjust their cyberattack campaigns.
The illegal collection and exchange of information and personal data is being implemented blatantly on many forums and internet chat groups.
Some domestic and foreign companies have been found using specialized tools and software to quietly exploit and collect data about users, forming personal data stores for sharing and trading in the market.
Manh stressed that the activities of cybercrimes are increasing in terms of number and severity, causing social anger and property damage to people.
Nguyen Thanh Hung, chair of VNISA (Vietnam Software & Information Technology Services) said the boom of cloud computing and AI has raised worries about the challenge for information security of individuals and organizations.
Deputy Head of the Authority of Information Security (AIS) Tran Dang Khoa reported that in the first 11 months of 2023, AIS found, warned and gave instructions on how to handle 11,428 cyberattack incidents, an increase of 1.9 percent over the same period last year. There were 456,699 Vietnam’s IP addresses in botnets, down 4.7 percent.
Trong Dat