The manufacturing industry in Vietnam, with its tendency to attract international investment, is also becoming a top target for ransomware attack groups. Faced with this risk, Viettel Cyber ​​Security (VCS) organized a workshop on Ransomware Response Strategy specifically for the manufacturing industry, which took place on June 12 at Thang Long Industrial Park, attracting more than 30 businesses to participate.

Manufacturing businesses - favorite "prey" of ransomware attacks

“We still monitor and report to our boss that the company is not attacked. Therefore, we are always asked why we have to increase investment in information security,” a business representative asked, which is also a common question of many units in Vietnam.

According to Mr. Bui Trung Thanh - Solution Consultant at VCS, it is necessary to recognize the fact that cyber attacks are continuously increasing significantly and are becoming more and more complex in attack forms. Statistics from VCS's Threat Intelligence system in the first quarter of 2024 show that the number of data encryption attack campaigns has increased by 70% compared to the same period. Globally, many large manufacturing enterprises have also become victims of ransomware, suffering hundreds of millions of USD in losses.

The above reality shows that anyone can become a victim of ransomware, especially when this form of attack has transformed into a business model (RaaS) that is easy to deploy and execute. The characteristic of this form of attack is that hackers often install malicious code in the enterprise system for a long time, up to 200 days, to grasp weaknesses and identify important data of the system. Many businesses are hacked without knowing and miss the opportunity to prevent it early. "They only know when the data is encrypted. By then it is too late and the consequences are much greater than the money spent on information security," said Mr. Thanh.

In the manufacturing sector, businesses have become the favorite “prey” of hackers due to their willingness to pay. According to VCS experts, in addition to the lack of highly specialized IT security personnel to respond to complex attacks, the risk to manufacturing businesses also comes from the IoT trend, which creates more and more doors for hackers to penetrate. Many units still use old IT systems, while smart production lines and complex supply chains with many third-party partners spread around the world make it even more difficult to ensure IT security standards.

Manufacturing enterprises need a companion on information security

According to Ms. Bui Thi Hoa - Manager of the Program accompanying enterprises to mature information security (Viettel Cyber ​​Security Maturity Program - CSMP) of VCS, the companionship of a unit specializing in information security will be a necessary piece for manufacturing enterprises.

CSMP is a special program that helps participating partners receive comprehensive support in information security, including: Management, measurement and maturity consulting, system intrusion assessment, incident response - ready to stand side by side when businesses encounter information security risks, practical training, updating relevant intelligence information quickly and accurately to detect risks early. The program was born with the goal of comprehensively protecting businesses and organizations from cyber security threats, solving the problem of shortage of information security personnel and optimizing long-term investment costs.

Packed with practical experience accumulated over 10 years of working and researching information security, accompanying and supporting more than 100 domestic and international customers, VCS will transfer its most valuable knowledge, lessons and experiences into a training program exclusively for partners participating in CSMP. “Previous experiences and lessons were only trained internally at VCS to improve service quality to customers. This is the only program we implement to share information security knowledge to the outside to directly improve the information security capacity of partners,” said Ms. Hoa.

When participating in the CSMP program, manufacturing enterprises not only take advantage of human resources and knowledge, but also are committed to service quality and solve the problem of costs because 100% of products and services are researched and self-developed by VCS according to the context and characteristics of the domestic market, and are competitive with international companies.

At the event, one of the areas that attracted the most attention was the consulting and assessment tables for IT security health for businesses in a direct 1-1 format. From there, businesses were given a preliminary assessment of their IT security health, received specific recommendations based on each weakness, and then had appropriate investment directions. This also demonstrated VCS's desire to accompany manufacturing businesses.

Dang Nhung