More than 8 million login hacking attacks on Vietnamese businesses

Businesses in Vietnam are the most exposed to cyber attacks aimed at cracking passwords and login credentials in Southeast Asia.

Hơn 8 triệu cuộc tấn công bẻ khóa đăng nhập nhắm vào doanh nghiệp Việt - Ảnh 1. — Businesses in Vietnam are being attacked with the most system login "cracking" attacks in Southeast Asia - Photo: KASPERSKY

According to a recently released report, security firm Kaspersky has detected and blocked a total of nearly 23.5 million cyber attacks in the form of Bruteforce.Generic.RDP. targeting businesses in the Southeast Asia region.

A bruteforce attack is a method used by cybercriminals to guess login credentials, encryption keys, or find a hidden website by trying all possible combinations of characters until they find the right result.

If successful, attackers can access personal data and important information, thereby installing and spreading malware, and even taking control of the system to carry out other crimes.

Remote Desktop Protocol (RDP) is a proprietary Microsoft protocol that provides a graphical interface for users to connect to other computers over a network. RDP is widely used by system administrators and non-technical users to control servers and computers remotely.

Bruteforce.Generic.RDP attacks focus on finding valid login/password pairs by trying all possible character combinations until the correct password is found to access the system. If successful, the attacker will find the correct login/password and gain remote access to the target computer.

With more than 8.4 million password cracking attacks in the first half of 2024, businesses in Vietnam became the most targeted group in Southeast Asia. Indonesia and Thailand followed closely behind with 5.7 million and 4.2 million recorded RDP attacks, respectively.

Meanwhile, Singapore recorded more than 1.7 million cases, the Philippines more than 2.2 million and Malaysia recorded the least with more than 1 million attacks.

“Although bruteforce attacks are an old method, businesses cannot ignore this risk,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.

Bruteforce attacks remain a potential threat to the region, as many organizations and businesses still use weak passwords, creating loopholes for attackers.

Additionally, the lack of multi-factor authentication (MFA) on RDP connections as well as incorrect RDP configuration also increases the risk of organizations and businesses being attacked by bruteforce methods.

More dangerous attacks thanks to artificial intelligence cracking logins

“Cybercriminals are leveraging AI to automate the process of generating and testing passwords faster and more efficiently, increasing the power of bruteforce attacks,” Yeo added. “Once an attacker has remote access to a corporate computer, the consequences can be devastating. Organizations can suffer data breaches or operational disruptions in the event of a system breach. This can be financially devastating as organizations face costs for downtime, recovery efforts, and even regulatory fines.”

Source: https://tuoitre.vn/hon-8-trieu-cuoc-tan-cong-be-khoa-dang-nhap-vao-doanh-nghiep-viet-20241226090021768.htm