Results from the Cyber Security Assessment program for individual users conducted by Bkav Technology Group in December 2023: Damage caused by computer viruses to Vietnamese users was at 17.3 trillion VND (equivalent to 716 million USD), continuing to decrease compared to previous years. This is good news, but the domestic cybersecurity situation still has many hot issues as data encryption virus attacks continue to increase, targeting key servers; Computers without an Internet connection can also be subject to APT (Advanced Persistent Threats) espionage attacks; Online financial fraud shows no signs of slowing down because the source is junk bank accounts...
Overview of the virus situation in Vietnam in 2023
Junk bank accounts are a source of online financial fraud
Bkav's cybersecurity survey report records that the rate of users receiving fraudulent messages and calls continues to increase. If in 2022, this number is 69.6%, then in 2023 it will be 73%.
Online financial fraud has exploded in recent years and has become a problem when victims come from all walks of life and live anywhere. In financial fraud cases, bad guys ask users to transfer money via bank accounts. But when investigating, these accounts were not real accounts of criminals, making it difficult for authorities to find criminals and prevent fraud. Bkav experts analyze that junk bank accounts are the source of the problem of online financial fraud in Vietnam recently.
Mr. Nguyen Van Cuong, Director in charge of cybersecurity at Bkav, said: "The reason is that buying, selling and exchanging bank accounts is happening too easily. Many people simply think that selling accounts they don't use won't be a problem. But in reality, bad guys have taken advantage of these bank accounts to carry out illegal transactions, hiding their origin, causing difficulties for investigation agencies."
Black market channels on Facebook, Telegram, Twitter,etc. buying and selling junk bank accounts are bustling. Over the past year, the police have destroyed many networks that traded thousands of bank accounts abroad, with the transaction value of these accounts reaching hundreds of billions of dong.
There are countless channels for buying, selling, and trading junk bank accounts online
Virus account theft increased by 40%
In 2023, Bkav's virus monitoring and warning system recorded up to 745,000 computers infected with account-stealing viruses (Facebook, banks), an increase of 40% compared to 2022.
The most widespread strains include RedLineStealer, ArkeiStealer, Fabookie... all of which are in the top 20 highly infectious virus strains in Vietnam. If last year, these viruses were still "primitive", only stealing account data, passwords, cookies... then this year, they have been "upgraded" to specifically target Facebook Business accounts, query for more information about payment methods, balance... Successfully exploited, hackers use the victim's own account to silently run ads instead of immediately taking over the account to make more profits. Improve rankings (SEO) of websites that spread malware, etc.
Account-stealing viruses are mainly spread through cracked software. This is also consistent with Bkav's survey results when up to 53% of computers in Vietnam use crack software. As a result, about 10% of users in Vietnam lost their social network, email, bank accounts... These stolen accounts will be used by bad guys to continue defrauding the victim's friends and relatives.
APT espionage attacks on computers without an Internet connection
In agencies and organizations, top secret data is often stored on computers that are disconnected from the Internet to ensure safety against threats from cyber attacks. However, this is not absolutely safe.
In 2023, Bkav discovered many APT attack campaigns by hacker groups Mustang Panda, APT31... using spyware (PlugX, CobaltStrike, njRAT...) to silently steal stored data files. Stored on machines without Internet access. Research shows that spyware targets files in .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pdf... files on the computer and then hides them on USB, waiting for an opportunity. spread to other computers with Internet. At that time, they will send all stolen data to the hacker's server.
The number of APT espionage attacks in Vietnam in 2023 increased by 55% compared to 2022, targeting more than 280,000 computers.
More than 19,000 servers were attacked by data encryption virus
In 2023, Bkav's virus monitoring and warning system recorded more than 19,000 servers being attacked by ransomware from 130,000 malicious IP addresses worldwide, an increase of 35% compared to 2022. Typical virus strains participating in these attacks include TOP/DJVU, FARGO, LockBit...
Bkav experts said the main reason why servers are always the target of data encryption viruses (ransomware) is because they often contain important, sensitive, and highly valuable data. When the server is encrypted, it can cause the entire business to stop for a long time, creating great pressure, forcing victims to pay the ransom, even at any price.
In addition, the server is also the place where the business's services are published on the Internet, so hackers are more accessible to individual users.
Mr. Nguyen Tien Dat, General Director of Bkav's Malware Research Center (AntiMalware), said: “Attacks that infiltrate servers are very sophisticated, from many different paths, such as server vulnerabilities, service vulnerabilities,etc. Administrators need to regularly back up data, evaluate the security of services before opening them to the Internet, and install powerful anti-virus software for real-time protection.
Forecast for 2024
The rapid development of AI not only brings obvious benefits but also creates significant risks for cybersecurity. The biggest challenge facing AI technology today is fraud and targeted APT attacks, with the increasing complexity of phishing scenarios, especially when combining Deepfake and GPT. The ability to collect and analyze user data through AI allows for the creation of sophisticated phishing strategies, making it more difficult for users to identify scams.
APT attacks also continue to increase as important data of organizations is always the target of cybercriminals around the world. These attacks are not only more complex, but the threat level is also particularly serious, aiming to steal and encrypt important data. This requires strengthening security defenses for critical systems.
Increasing security for AI has become an undeniable trend. The international community will need to work closely to develop new security measures, while increasing user knowledge and awareness of the potential risks of AI.