Speaking more about recent incidents, expert Vu Ngoc Son, Technical Director of Vietnam Cyber Security Technology Company – NCS commented that the forms of hacker attacks are relatively similar, they are all lying attacks. area for a while and then encrypts the ransomware data. However, the attack techniques are not the same, so it is likely that these are attacks by different cybercriminal groups. There is no evidence that this was an organized campaign. However, this possibility cannot be ruled out because the incidents occurred consecutively in a fairly short period of time.
To perform data encryption, hackers must have enough time to know which data is important. Therefore, hackers will have to install malicious code lying around, collect information every day, then analyze, evaluate and select targets to encrypt data. The more complex an organization has many components, the longer the on-site time must be.
Things to do immediately to prevent ransomware attacks
As noted by VietNamNet reporters, in recent days, especially after the incident on VNDIRECT, the team of security experts has received many requests for support in checking and evaluating the security of the enterprise’s system. Based on analysis of the situation, experts believe that businesses and organizations need to turn on emergency mode and focus on implementing necessary measures to be ready to respond to cyber attacks. including ransomware attacks.
Businesses and organizations are recommended to be more proactive in preventing ransomware attacks. In addition to reviewing vulnerabilities and enhancing technology solutions, large businesses and organizations need to build a team dedicated to network safety and security to protect the system.
At the same time, units also need to pay special attention to fully and practically deploying the 4-layer protection model as recommended by the Ministry of Information and Communications, including the requirement to hire professional network security monitoring services to ensure Objective security, overcoming human weaknesses of the system, timely detection when the system is attacked.
Vietnamese businesses are recommended to be more proactive in preventing ransomware attacks. Illustration photo: Khanh Linh
Five things to do immediately, as suggested by expert Vu Ngoc Son, include: Urgently put important systems under 24/7 network security monitoring; Back up important data, it is best to set up a backup system periodically; Prepare incident response procedures; Training on safety awareness, network security and improving skills for users; Review and periodically check security for the entire system.
From experience supporting domestic and foreign businesses, Mr. Ngo Quoc Vinh emphasized, “prevention is always more effective than prevention”, and it is time for businesses to pay more attention to investing in information security.
“The short-term strategy for businesses and organizations is to immediately use information security assessment, operation and monitoring services from professional organizations. In the long term, units need to have a longer strategy to be able to autonomously ensure information security, and build a suitable investment roadmap for a comprehensive information security architecture.”Mr. Ngo Quoc Vinh proposed.
