In the first 6 months of 2023, Bkav's Technical Support Center received hundreds of calls requesting ransomware treatment. Bkav's virus monitoring system also recorded that in the first half of this year, more than 77,000 computers in Vietnam had their data encrypted. Studying the rapid spread of this virus strain, experts pointed out the "Achilles heel" that caused many organizations to be extorted by ransomware.
Data Encryption Virus – A Ransomware Tool
In early May 2023, a large enterprise with a team of experienced administrators was aware that its system was attacked by ransomware, and all of its more than 10TB of data was encrypted. The hackers demanded more than 4 billion VND in exchange for the decryption key. The problem was that the system of this unit was not protected by a strong enough anti-virus software.
 |
Paying a ransom is not the solution to ransomware. |
In mid-May 2023, another company was attacked by hackers and their servers and personal computers were encrypted at midnight. The hackers demanded $9,000 in ransom for each encrypted computer. Bkav experts discovered that the system had been attacked by the Jianliang encryption virus, which had never appeared before.
Bkav's virus monitoring system also detected the STOP/DJVU or FARGO3 data encryption malware, which targets businesses and units using accounting data management software. According to statistics, a total of 261 servers were hacked from more than 6,000 different IPs.
Achilles heel
Mr. Nguyen Tien Dat, General Director of Bkav's Malware Research Center, said that these are just examples of many cases showing the subjectivity of system administrators, causing ransomware to run rampant. Among the hundreds of cases that contacted Bkav for help, more than 50% of organizations and individuals did not use anti-virus software or installed insufficient protection applications.
In particular, there are units that have a lot of important data but are frugal, using free antivirus software. Free antivirus software is capable of handling common types of malware, only suitable for protecting data that is not too important because it does not have the ability to automatically detect and completely destroy data-encrypting viruses.
 |
| Illustration photo. |
Data encryption malware uses many methods to attack: Exploit web service vulnerabilities, brute force password scanning on SQL services, operating system vulnerabilities, to directly attack the server. Another way is to attack a personal computer, from there silently scan, penetrate deep into servers and other computers in the network...
“The consequences of data encryption incidents are often devastating because data recovery is almost impossible. Even if the victim agrees to pay, there is no guarantee that they will get their data back from the hacker,” said Mr. Nguyen Tien Dat.
To avoid data encryption attacks, experts from Bkav recommend that users and system administrators regularly back up important data; do not open internal service ports to the Internet when not necessary; evaluate the security of services before opening them to the Internet; and install strong enough anti-virus software for constant protection.
VIETNAM RUSSIA
Source
Comment (0)