In particular, in the fourth quarter of 2023, the number of data encryption malware attacks increased sharply, exceeding 23% compared to the average of the first three quarters of the year. Some key facilities also recorded data encryption attacks at this time. The number of data encryption malware variants appearing in 2023 is 37,500, an increase of 5.7% compared to 2022.
Increasing ransomware attacks on businesses and organizations is forecast to be one of four information security trends in 2024 in Vietnam. (Illustration photo: NS)
In the newly released report on the risk of information insecurity in Vietnam in 2023, Viettel Cyber Security’s technical system recorded at least 9 ransomware attacks targeting large companies and organizations in Vietnam. . These attacks encrypted hundreds of GB of data and extorted at least 3 million USD, causing disruption and heavy damage to targeted companies and organizations.
The ‘Ransomware as a Service’ trend is increasing and is focused on enterprise organizations. The sectors most affected by Ransomware in 2023 are large organizations and businesses, especially in the fields of banking, finance, insurance, energy…
Viettel Cyber Security experts also identified that increasing ransomware attacks on businesses and organizations is one of the four technology and information security trends in 2024 in Vietnam. Businesses around the world and in Vietnam can become victims of ransomware. The top weaknesses that lead to ransomware attacks on organizations often focus on people, software vulnerabilities and digital assets on the Internet such as websites and applications.
Business actions to protect the organization against ransomware attacks include: Focusing on employee training, increasing awareness of attacks in the form of emails with fake links, and increasing form identification phishing and initial handling of suspicious files; Use data recovery and backup solutions to ensure data source integrity when subjected to encryption attacks.
Along with that, businesses also need to increase the use of solutions to update information security situations such as Threat Intelligence, promptly grasp attack situations and proactively respond; Focus on digital asset and vulnerability management, ensuring critical software and vulnerability patches are regularly updated, minimizing attack surface; Implement solutions that protect data and access through multiple layers of authentication.
At the same time, it is necessary to plan for system-wide information security protection, continuous information security monitoring and incident response preparation, including layered protection solutions, processing and handling processes. Personnel reaction, solutions when the system becomes the target of attack.
