RANSOMWARE ATTACKS CAUSE DAMAGES OF OVER $1 MILLION
In the first half of the year, there was a prominent trend of cyber attacks involving data encryption and ransom demands, resulting in significant damages. The volume of encrypted data reached 3 Terabytes, with estimated total losses surpassing $1 million for multiple organizations and businesses across various industries, including retail, logistics, finance, technology, and services.
With the evolution of Ransomware-as-a-Service (RaaS), data encryption attacks are becoming more widespread, providing opportunities for active attack groups such as Lockbit, Phobos, and Knight to exert stronger ransom pressures on organizations and businesses.
In addition to the affected organizations and businesses, Viettel Threat Intelligence from VCS also identified 56 organizations that were infiltrated in the initial stages of a ransomware attack, where the malware had entered their systems but data encryption had not yet occurred.
The time malware can remain hidden in a system can be up to 200 days, presenting both a risk and an opportunity for organizations and businesses to detect and prevent ransomware activation.
To stop ransomware attacks at the initial stage, Viettel Threat Intelligence recommends that organizations and businesses conduct penetration testing to identify signs of ransomware attacks and implement preventive measures before data encryption occurs.
OVER 61 MILLION PERSONAL ACCOUNT RECORDS EXPOSED
The beginning of 2024 witnessed an explosion in the sale of user information, system data, and sensitive data of large enterprises in Vietnam. The number of data breach incidents surged in May and June. Viettel Threat Intelligence observed a 1.5-fold increase in the number of exposed personal account records compared to the same period in 2023.
VCS’s report identified 46 data breaches in Vietnam, exposing approximately 13 million customer records, 12.3GB of source code, and 16GB of data. The majority of the exposed information consisted of system source code, sales data, customer information, and sensitive documents extracted from internal systems in various sectors such as banking, technology, education, retail, transportation, and finance.
FINANCIAL FRAUD AND SCAMS REMAIN PREVALENT
The VCS report also highlights the risks of information security threats related to financial fraud and scams. According to Viettel Threat Intelligence, 2,364 fraudulent domains targeting users and customers of large organizations in Vietnam were detected in the first half of 2024, reflecting a 1.2-fold increase compared to the same period in 2023.
Additionally, Viettel Threat Intelligence identified and warned against 496 fake websites that illegally used the trademarks of prominent organizations in Vietnam, a fourfold increase compared to the same period last year.
Criminal groups are increasingly employing AI technologies to craft sophisticated scam scenarios and utilize deep fake and deep voice techniques in their campaigns to gain victims’ trust. Some common scam tactics include credit card-related service scams, impersonation of authorities to install malicious Android applications, and recovery scam schemes.
In terms of sector distribution, the financial and banking industry remains the primary target, accounting for 71% of all scam and impersonation attacks.
In addition to scam and impersonation attacks, Viettel Threat Intelligence also recorded 71 security vulnerabilities that could impact organizations and businesses, with many of these vulnerabilities being exploited in various sectors, including finance and banking, and energy.
LARGE-SCALE DDoS ATTACK OF NEARLY 300Gbps DETECTED
During the first six months of 2024, the Viettel Anti-DDoS system of VCS recorded nearly 495,000 distributed denial-of-service (DDoS) attacks, a 16% increase compared to the same period in 2023. Over 50% of these attacks occurred in February.
VCS experts attribute the rise in attack volume compared to the previous year to a change in attack patterns. Instead of conducting a small number of extremely high-intensity attacks on a scanned IP, hackers have adopted a combination of different attack forms, such as Carpet Bomb and Hit-and-Run.
Viettel Anti-DDoS observed that financial institutions, information technology service providers, government agencies, and entertainment companies remain frequent targets of DDoS attacks. Additionally, the education sector has also become a focus for these attacks.
FORECAST OF CYBERSECURITY THREATS FOR THE LAST SIX MONTHS OF THE YEAR
The cybersecurity threat trends anticipated for the latter half of the year by experts at VCS include an increase in the volume and diversity of malware attacks, such as fileless malware attacks, supply chain attacks, and ransomware attacks, which are expected to continue posing threats with faster data encryption capabilities and higher ransom demands.
Furthermore, it is predicted that scam and impersonation campaigns using the brands of prominent Vietnamese organizations will persist in the next six months. Notably, scammers may impersonate authorities to install malicious applications on mobile devices.
For the detailed report, please visit: https://services.viettelcybersecurity.com/bao-cao-tinh-hinh-nguy-co-mat-attt-6-thang-dau-nam-2024
