Strengthening the defense system

Agencies and businesses are increasingly facing many malware attacks.

The victim's weak resistance

Cyber ​​attack is the illegal intrusion into a computer system, website, database, network infrastructure, or device of an individual or organization via the internet for illegal purposes.

Currently, there are many forms of attacks on agencies and businesses from hackers, such as attacks using malware, attacks on Zero-day vulnerabilities, remote code execution attacks, attacks on e-commerce systems for the purpose of blackmail, information theft, targeted network attacks, attacks related to social engineering, attacks via email phishing (email spoofing), smishing (phishing attacks via SMS-phone messages), attacks via search engines...

There are many reasons why agencies and businesses become the target of attacks; these include the lack of strong enough security measures for network and computer systems; failure to update new software, operating systems and applications; lack of understanding of network security on the part of users... Due to lack of understanding, many people open attachments of unknown origin or click on malicious links, which inadvertently "helps" cyber criminals attack. Many attackers have targeted the data warehouses of agencies and businesses, taking control of the data to threaten and demand ransom. Many units, after being attacked, lack a recovery plan, so they continue to be attacked and then, overcoming the consequences becomes extremely difficult.

With the constant change and development of science and technology, ransomware attack techniques and tactics have also changed a lot. When ransomware infects a computer, it will encrypt or block access to data of agencies and businesses. To operate normally again, users must transfer money to the account to remove the ransomware. Worldwide, ransomware attacks on small and medium-sized enterprises have increased by 150% in the past two years. In Vietnam, according to statistics from NCS Cyber ​​Security Company, in the first six months of this year, there were 5,100 cyber security attacks on systems.

Cybersecurity is not a normal investment

With the mindset of "if it's not broken, why replace it?", many agencies and businesses believe that the solutions they have invested in are enough, so why do they need to invest more budget in new solutions?

Indeed, most physical assets will last for many years before needing to be replaced. Agencies and businesses can comfortably keep old, outdated IT hardware and software for years, updating them only when the need arises. However, the fluidity of the security landscape has made the field of cybersecurity unique. For example, AntiVirus was an indispensable defense tool for a while, but today, cybercriminals have surpassed standard AntiVirus tools and can attack continuously. That requires a more advanced defense tool to protect the information security of each agency and business.

To prevent attacks and reduce the impact of attacks on system operations, agencies and businesses need to take many measures. First of all, back up data; the most effective way to handle ransomware attacks is to use the 3-2-1 backup rule: store at least three separate versions of data on two different types of storage with at least one offsite version.

Also, use third-party security services. Hiring a consultant or a managed security service provider (MSSP) to conduct regular system audits and assessments can significantly reduce the risk of an attack. When choosing a partner, be clear about the scope of the assessment. This is an important step to ensure the best possible work. Over time, ransomware attack techniques have changed and become more diverse. Phishing is still the first step of the attack. Investing in anti-phishing software and training is essential. At the same time, ensure that the selective alert configuration is continuously improved.

Every agency and business also needs to have a ransomware defense plan. This plan helps determine who is responsible as well as the necessary steps to prevent, combat and handle after a ransomware attack. And finally, buy ransomware insurance. Similar to car insurance, this is a fairly common business activity today. The average price for a company of 50 people is only 2,000-3,000 USD/year, much lower than the consequences of an attack.

In general, cybersecurity is a field with many innovations in adjusting protective technologies, whether directly or indirectly, to make the system capable of defending against cyber attacks. In order to not become victims of many serious cyber attacks, agencies and businesses must calculate to keep up with the speed of new technologies, while balancing budgets and resources while still ensuring to meet security needs.