Vietnam has recently entered the top 10 countries with the most ransomware attacks in the world . This malware has increased dramatically in 2023 when the rate of businesses and organizations attacked was 66%. However, in the first half of 2024 alone, this number has reached 59%.
Ransomware is a type of malicious software that aims to extort money from victims by encrypting data on computers/systems. Due to its sophistication and ability to spread, ransomware has quickly become one of the biggest challenges to cybersecurity today. Therefore, improving security capabilities has become a mandatory task for every organization and business.
Increase in both number and method of attacks
According to the Information Security Report conducted by the Information Security Center (Vietnam Posts and Telecommunications Group - VNPT ), ransomware attacks are increasing in both number and attack methods.
The number of new vulnerabilities in the first months of 2024 increased by 64.33% compared to the same period in 2023, especially vulnerabilities with a severe level. Data breach incidents also tended to increase as hackers began to target the systems and infrastructure of organizations and small and medium-sized enterprises with an increase of 22.22% compared to the same period.
Experience from major attacks shows that malware can be planted in the system by hackers for a long time and just wait for the right opportunity to encrypt data and then blackmail the victim. The consequences not only cause property loss but also seriously affect the reputation of organizations and businesses.
Deputy Director of Viettel Cyber Security Company Le Quang Ha said: Ransomware has appeared since 2009-2010. However, in the past, this form of attack was often simple, mainly targeting individual users to encrypt documents on computers, personal data to demand ransom. But now, ransomware has become more organized, often targeting businesses with large information and data systems, whose production and business activities rely mainly on information technology systems. Ransomware attack groups now not only focus on encrypting personal data, but also seek to infiltrate the information systems of organizations and businesses to search for core information technology systems or important data to encrypt, causing the entire operation of the attacked unit to stagnate. In fact, many businesses around the world have to pay ransom to hackers to restore their systems, but not always successfully. There have been cases where even after paying, all data was not restored or even the decryption key was not received.
Recognizing the challenges from ransomware that organizations and businesses are facing, at the workshop "Strengthening the immune system for organizations and businesses in the digital space" recently organized by VNPT Information Technology Company (VNPT-IT) in collaboration with IBM Vietnam Company, VNPT-IT information security expert Pham Trung Duc shared that businesses need to coordinate smoothly three pillars, including: Process, information security system and people (which most businesses have not yet focused on). Because if you only invest individually in one of the three pillars, building and monitoring information security will not only become difficult, but also lose synchronization in the incident response and handling process.
Always have a plan ready
VNPT-IT information security expert Nguyen Van Han assessed that most of the security systems of Vietnamese enterprises are still monotonous and have not received close attention, especially for small and medium enterprises. In addition, some organizations and enterprises do not have adequate infrastructure and resources to serve the work of ensuring information security, many systems are not upgraded and maintained regularly, leading to the risk of losing data safety and security. In particular, some enterprises do not have a team of personnel with in-depth expertise in information security, causing difficulties in response and incident handling. These are the root causes that make the information systems of many units and enterprises continuously attacked.
Agreeing with this assessment, from his practical experience, Mr. Le Quang Ha said that the attention and focus on investment in information security in Vietnamese organizations and enterprises is not uniform. There are units that are very interested, fully investing in both human resources and tools, solutions to improve the level of information security maturity, effectively preventing cyber security risks from inside and outside, but there are also many units that are not fully interested, or lack resources to build the apparatus, human resources as well as to invest in effective information security solutions.
Meanwhile, the attackers are hackers from all over the world who are very proficient in attack skills. They also constantly share new tools and attack methods with each other, so there will definitely be a gap between the attackers and the defenders in different environments.
The solution to this problem is instead of trying to build a competent information security team yourself, you can find strong cybersecurity partners to accompany and cooperate with. These partners are professional in ensuring information security, the human resources are continuously trained over time, have good capacity, helping businesses quickly supplement resources in tools and people to defend against external attacks.
IBM Vietnam storage solution consultant Nguyen Viet Dong also emphasized that there is certainly no network security tool that is 100% effective. Although these tools are absolutely necessary to prevent and detect as many vulnerabilities as possible, the risk of being attacked can still occur when even a small vulnerability is leaked. At that time, backups are an important basis for data recovery.
Experts agree that building a thorough information security strategy will be a stepping stone to help increase the "resistance" of businesses in a context full of security risks and challenges.
Source: https://baolangson.vn/nang-cao-nang-luc-bao-mat-cho-doanh-nghiep-5022299.html
Comment (0)