Viet Nam cyber security overview in 2019 and predictions for 2020
04:57:00 | 14-01-2020

Damage caused by computer viruses exceeded 20 trillion VND

In 2019, the damage caused by computer viruses to Vietnamese users amounted to VND 20,892 billion, equivalent to USD 902 million, much higher than VND 14,900 billion in 2018. Although there was no particularly serious incident, but the increase of computers infected with ransomware and APT malware was the main cause of this huge damage. The total number of infected computers in Vietnam in 2019 reached 85.2 million, increasing 3.5% compared to 2018.

Positive changes came from state agencies

In 2019, the drastic guidance from the competent agencies and the simultaneous campaigns to handle malware in some big cities contributed to a significant reduction in the number of computer zombies in Vietnam. According to ITU, Vietnam jumped 50 places in the global cyber security ranking of the year.

Bkav experts analyzed that these were very good signals, gradually improving the situation of cyber security in Vietnam, which had not happened in the past few decades. However, this positive change had come mainly from state agencies and a number of big cities. Meanwhile, the prevention of malware in other localities was still not focused, especially as a large number of computers in the private sectors and individuals have not equipped with protection solutions or permanent anti-virus software. Some did have but not powerful enough. According to Bkav statistics, the rate of malware infected computers in 2019 in Vietnam was still very high, 57.70%.

80% of computers were infected with viruses due to installation of software downloaded from the Internet

Analyzing the causes of the high number of infected computers, Bkav experts said the first reason was the download and installation of unknown software from the Internet. On average, 8 in 10 computers installing software downloaded from the Internet would be infected with virus, which was a very high percentage. To ensure safety, users should only download software from verified origin, trusted manufacturers and from official application stores.

The rate of virus infection via USB declined sharply, decreasing to 22% compared to 2018, but still at a high rate of 55%. In contrast, email virus increased by 20%, up 4% compared to with 2018. Also according to Bkav statistics, 41.04% of computers in Vietnam contained SMB vulnerabilities which had been exploited by Wanna Cry virus to infect more than 300,000 computers in just a few hours. These were still great risks of information insecurity in Vietnam.

To prevent malware, Bkav experts recommend users need to equip permanent anti-virus software to scan USB viruses before using them; open attachments received from the Internet in Safe Run environment; regularly update patches for computers.

1.8 million computers lost data

In 2019, we continued to witness the raging of ransomware. According to Bkav's statistics, the number of computers losing data in 2019 reached 1.8 million, up 12% compared to 2018. More seriously, among these were many servers that stored the data of the agencies. The data stored by these servers being deleted only caused great damage, it also delayed the operation of agencies and businesses for many days, even months.

According to Bkav experts, a large-scale campaign of foreign hackers attacking servers with weak passwords in Vietnam was executed. The hackers focused on detecting servers with weak passwords, thereby performing unauthorized remote access to manually install ransomware. This type of attack made the antivirus software disabled because hackers had gained full control of the servers.

Users, especially administrators, need to check and use passwords strong enough for the computers and servers. Strong passwords must be 9 characters or longer, containing both capital letters and lowercase letters, numbers and special characters. In addition, passwords should not contain easy-to-guess letters such as user or server information.

APT malware were sophisticated enough to be "invisible"

420,000 computers in Vietnam were infected with dangerous APT malware W32.Fileless. According to Bkav experts, W32.Fileless used very sophisticated technique which could make it "invisible". This malware did not leave any signals of their existence like other regular malware.

Mr. Vu Ngoc Son, Vice President of Anti-malware, Bkav Corporation said: “W32.Fileless hides in the system configuration parameters such as Registry, WMI or Task Schedule. They sabotage by using standard system processes to run special scripts. This malware spreads via USB or through operating system vulnerabilities”.

Due to the ability of being transparent to users, this malware would stay persistent to steal information, install backdoor so that hackers could take remote control of the computer. Bkav also noted that some W32.Fileless families had downloaded other malwares to use resources of the computers for cryptocurrency mining.

Bkav experts recommend that users need to upgrade the latest version of anti-virus software to be able to find and remove this invisible virus.

By 2020, security on IoT devices will be a hot topic

Bkav experts predict that by 2020, APT will be more sophisticated, Fileless will be the main trend, along with malware that counterfeits standard software and programs through DLL Side-Loading to bypass anti-virus software. Cryptocurrency attack will continue to increase due to the direct benefits to the hacker.

IoT devices such as routers, Wi-Fi, surveillance cameras, terminals and so on will be a hot topic for cyber security as these devices become increasingly popular and widely connected. Phishing attacks to hijack bank accounts will continue to grow unpredictably.

Fake news will continue to be a painful issue for the community and competent agencies. Deep-fake powered fake news, fake clips with bad intent will appear.