Warning information about ransomware has just been shared by expert Vu Ngoc Son, Head of Technology Research Department, National Cyber ​​Security Association.

Specifically, according to Mr. Vu Ngoc Son, in just the past 2 weeks, a series of Double Extortion Ransomware attacks have occurred consecutively and this is also likely to be the main trend of cyber attacks in 2024. The latest victims of this form of attack are Schneider Electric, Kansas City Public Transportation Authority (USA), British Library, ESO Solutions (USA).

Explaining further about this form of cyber attack, experts from the National Cyber ​​Security Association analyzed that double ransomware is a form of "terrorist" attack on victims.

Accordingly, first the victim's computer systems will be slowed down when all data will be inaccessible due to encryption. The victim is forced to pay a ransom to "redeem" the data decryption key. Next, the hacker can continue to sell this data on the black market, causing the risk of data leakage. In the sold data, there may be sensitive data, affecting the victim's business and production activities.

tan cong mang 3 1.jpg
Diagram of hacker's double ransomware attack. (Photo: NCS)

In Vietnam, although there has not been any official record of a similar incident with double ransomware in the past. However, system administrators need to be extremely vigilant because the time near Tet and the Lunar New Year holiday is always the favorite time of hackers. This is the time when systems will be "off" for a long time, administrators will not be on duty continuously as usual, if attacked, it will be difficult to detect, and the time to handle the incident will also be longer because forces cannot be mobilized as quickly as usual.

According to the NCS report, in 2023, many ransomware data encryption attacks were also recorded with serious consequences. Up to 83,000 computers and servers were recorded to be attacked by data encryption malware, an increase of 8.4% compared to 2022.

In particular, in the fourth quarter of 2023, the number of data encryption malware attacks increased sharply, exceeding the average of the first three quarters of the year by 23%. Some key facilities also recorded data encryption attacks during this time. The number of data encryption malware variants appearing in 2023 was 37,500, an increase of 5.7% compared to 2022.

W-tan-cong-mang-1-1pg-1.jpg
The increase in ransomware attacks on businesses and organizations is predicted to be one of the four information security trends in 2024 in Vietnam. (Illustration photo: NS)

In the newly released report on the risk of information security loss in Vietnam in 2023, Viettel Cyber ​​Security's technical system recorded at least 9 ransomware attacks targeting large companies and organizations in Vietnam. These attacks encrypted hundreds of GB of data and extorted at least 3 million USD, causing disruption and heavy damage to the targeted companies and organizations.

The trend of 'Ransomware as a Service' is on the rise and is focused on enterprise organizations. The sectors most affected by Ransomware in 2023 are large organizations and enterprises, especially in the fields of banking, finance, insurance, energy...

Viettel Cyber ​​Security experts also commented that increasing ransomware attacks on businesses and organizations is one of the four technology and information security trends in 2024 in Vietnam. Businesses around the world and in Vietnam can all become victims of ransomware. The top weaknesses leading to ransomware attacks on organizations often focus on people, software vulnerabilities and digital assets on the Internet such as websites and applications.

Actions taken by businesses to protect their organizations against ransomware attacks include: Focusing on employee training, increasing awareness of attacks in the form of emails with fake links, while increasing the identification of phishing forms and initial handling of suspicious files; Using data recovery and backup solutions, ensuring data integrity when attacked by encryption.

Along with that, businesses also need to increase the use of information security update solutions such as Threat Intelligence, promptly grasp the attack situation and proactively respond; Focus on managing digital assets and vulnerabilities, ensuring that important software and vulnerability patches are always updated regularly, minimizing attack surfaces; Deploy solutions to protect data and access rights through multiple layers of authentication.

At the same time, it is necessary to plan for information security protection for the entire system, continuously monitor information security and prepare for incident response, including protection solutions at all layers, handling and response procedures of personnel, and solutions when the system becomes the target of attack.

Many new malware targeting smartphone users will appear in 2024 In 2024, smartphone users are expected to face more new types of malware that can penetrate, exploit vulnerabilities and take control of phones, including devices running Android and iOS operating systems.