Vietnam cyber security overview in 2020 and predictions for 2021
01:43:00 | 09-03-2021

More than $ 1 billion lost due to computer viruses in 2020

In 2020, the damage caused by computer viruses to Vietnamese users has reached a new record, over USD 1 billion (VND 23.9 trillion VND). This is the result of cyber security assessment program conducted by Bkav Corporation in December 2020.

The overall picture of Vietnam's cyber security in the past 12 months has had many "hot issues". Hundreds of billions of Dong are lost due to cyber security attacks related to banks; cyber security risks come from social networks’ hot trends; many organizations and businesses become victims of targeted attacks, and so on.

COVID-19 causing increase in cyber security attacks

In 2020, COVID-19 broke out, a series of businesses, agencies and organizations switched to work from home. Online working software is searched for and downloaded. Many units are forced to open their systems to the Internet so that their employees can access and work from home. This creates an environment for bad agents to exploit vulnerabilities, perform attacks and steal information.

In the past year, a series of large-scale cyber attacks took place around the world. Foxconn's factory being attacked by hackers for USD 34 million ransom; 267 million information records of Facebook users being offered for sale; Intel being attacked by hackers, causing leakage of 20GB of confidential data, are examples. Most recently, T-Mobile, one of the largest US carriers, became the next victim of hackers. According to Bkav's observation, in Vietnam, many major e-commerce sites, some online delivery platforms with many users, have been compromised and got their data stolen.

When working from home, businesses, organizations need to establish a secure connection environment by equipping solutions such as SSL, VPN, etc., access system security, access software before letting their systems exposed to the Internet; install anti-virus software, firewall, monitoring system, etc., regularly update operating system patches; equip strong user authentication methods such as digital signatures.

On the individual user side, they need to be vigilant when working from home; while ensuring a secure connection environment by installing anti-virus software; avoiding downloading and installing unknown software; regularly updating software and operating system patches; avoiding sharing or accessing strange links.

Hundreds of VND billions lost to banking transaction attacks

In 2020, hundreds of billions of dongs were obtained by hackers through cyber security attacks related to banks, mainly thefts of OTPs. Hackers trick users into installing spyware on their phones to steal messages containing OTPs, enabling them to perform illegal transactions. On average, Bkav's virus monitoring system detects more than 15,000 smartphone spywares per month. Typically, VN84App, the software that collects OTP banking messages, has infected thousands of smartphones in Vietnam.

Experts recommend that users only install software from official application stores. More importantly, users need to install banking protection software on their smartphone.

Hot social media trends: Interesting but potentially dangerous

The social media trends such as "How Much Have You Changed Challenge", "How Life Is Totally Different Now Than It Was a Decade Ago", etc. are hot in 2020. Not only users but also well-known people with millions of followers on social networks join. Those trends are interesting but potentially dangerous for users. Because, joining online trends means that you "voluntarily" provide your own images and information. Bad agents will collect this data to profit themselves or perform phishing attacks.

Bkav experts warn users to be wary of trends on social networks, not participate if not knowing the origin and true purposes of those "hot trends".

Supply chain attack: The new trend of cyber attack

"Supply chain attack” is becoming a prominent trend of cyber attacks. Instead of targeting directly the victim, hackers attack software manufacturers that the victims use, install malware into the software right from "factory". Once the victim downloads or updates the software to a new version from the manufacturer, the malware will be activated, and the hacker can easily penetrate into strictly protected systems.

One of first and most serious supply chain attack happened in 2017, where a series of important Ukrainian organizations such as banks, ministries, newspapers, electricity and so on got attacked by malware NotPetya through an update to the country's accounting software MEDoc. Just a few hours later, the malware got out of Ukraine and infected countless computers around the world. Another incident in 2020, data of the US federal government was compromised by supplier SolarWinds (specializing in developing software to monitor networks, systems and information technology infrastructures) hacked. Another SolarWinds VIP client that was also affected by the attack is US National Nuclear Security Administration (NNSA). In Vietnam, at the end of December 2020, Bkav's cyber security surveillance system recorded an attack in a similar form with the aim of infiltrating important agencies and organizations.

To prevent this type of attack, software vendors need to develop and implement a secure product development and delivery process; equip system monitoring and protection solutions to detect abnormal behaviors.

Outbreak of malware W32.Fileless

As predicted by of Bkav experts at the end of 2019, APT attack using fileless malware broke out in 2020. According to Bkav's statistics, there are at least 800,000 computers in Vietnam infected with that malware in 2020, doubling those in 2019.

Fileless malware does not have binary files on the computer's hard drive like normal malware. This technique helps Fileless malware easily bypass most anti-virus software because they only detect viruses through identification samples.

Vu Ngoc Son, Vice President of Anti-malware, Bkav Corporation said: “W32.Fileless forces anti-virus software manufacturers to change their thought immediately if they do not want their products to become useless. Many anti-virus software products which only scan suspicious files will not be effective in preventing Fileless”.

Bkav experts recommend users to select anti-virus software capable of detecting viruses through controlling abnormal activities.

2021 forecast

At present, Vietnam has avoided the direct and heavy impacts from COVID-19, but the habit of working from home and exchanging information via the Internet will continue and be increasingly popular. In contrast, the global pandemic is different, complicated and unpredictable, accidentally "promoting" cybercrime, leading to data encryption and ransomware campaigns on a large scale. Therefore, users need to be vigilant and defense themselves against cyberattacks.

Smartphone transaction attacks continue to take place. Facebook phishing can be increased because the regulations restricting travel between countries will lead to a large demand for online transactions, sending goods, sending money. Many bad agents will take advantage of this situation to make profit.

Fileless malware, data encryption malware, spyware tracking users and stealing information will be the most active in 2021.