VietNamNet Bridge – The Vietnam Computer Emergency Response Team (VNCERT) has drawn the public’s attention to a new attack method through local networks. Many attacks have targeted state agencies and organizations.

{keywords}

According to VNCERT director Vu Quoc Khanh, hackers can easily steal passwords of accounts in agencies’ local networks and then penetrate the local networks to do harm. The attacks are carried out with increasingly sophisticated tools and methods.

Khanh said VNCERT is drafting a document that would provide guidance to LAN administration bodies on how to check their networks regularly and prevent malware.

Nguyen Minh Duc, a renowned security expert from FPT, the Vietnamese largest information technology group, said in fact, attacking through LAN is not a new method. Many attacks of this kind have been reported.

Also according to Duc, many types of viruses have been spread through LAN. Worm Conficker, for example, can be spread through both USB and LAN, which may lead to the enterprises’ operation stagnating or leaking of important data.

Tran Quang Chien from SecurityDaily, an IT website, confirmed that a ministry was the victim in a recent attack of this type, in which malware was injected into a computer which then attacked other computers on the same local network.

Vu Ngoc Son, vice president of BKAV, a well-known internet security solution provider, explained that the computers within local networks tend to “communicate” with each other more freely than within the internet.

The computers in a LAN are like members of a family; therefore, if one of the computers becomes infected with viruses, it would be exploited by hackers to attack other members.

Also according to Son, hackers can easily attack computers of the same LANs in similar environments because of operation systems and software installed on the systems. Hackers, once they successfully penetrate one computer, can easily guess how other computers work.

Within LANs, hackers can easily conduct the sniffer or turn infected computers into counterfeit gateways, through which information will be transmitted before going to the internet.

This allows hackers to control important data, including passwords and accounts, that help them attack other computers which contain more important data.

When asked about the solutions to the problem, Son said it would be better for organizations and businesses to equip their LANs with an anti-virus comprehensive solution which would prevent viruses on gateways, servers and the entire network.

The solution would be managed on a single server or many decentralized servers, protecting every computer and the whole network against risks of viruses, Trojan, rookit, spyware and malware.

With the solution, administrators would be provided reports about the operation of the entire system. They would know what types of viruses are being spread throughout the networks, which computers get infected with viruses and how the viruses have been treated.

The information would help administrators to take prompt action to minimize the risks which may affect the whole system. If viruses are discovered, administrators can conduct teleprocessing operations, and therefore, save money and time.

Buu Dien