In 2018, the damage caused by computer viruses to Vietnamese users reached a record of VND 14,900 billion, equivalent to USD 642 million, 21% higher than the damage in 2017. This is the result of the cyber security assessment conducted by Bkav Corporation in December 2018.
Globally, cybercrime has caused the losses of about USD 600 billion annually, equivalent to 0.8% of global GDP. In particular, the damage of the East Asia region is estimated of USD 120 – 200 billion, equivalent to 0.53 – 0.89% of regional GDP. The loss of USD 642 million, equivalent to 0.26% of Vietnam’s GDP, is not high compared to the region and the world, but also an alarming record.
60% of network system of agencies and enterprises infected with cryptomining malware
According to Bkav’s research, more than 60% of agencies and enterprises in Viet Nam is infected with cryptomining malware. On average of 10 agencies and businesses, there are 6 organizations whose computers are taken control to mine cryptocurrency, causing information insecurity.
Analyzing the spread of cryptomining malware, according to Bkav’s experts, the main reason is that agencies and enterprises have not yet equipped with comprehensive antivirus solutions for all computers in the internal network. Therefore, as long as a computer in the network is infected with malware, all other computers on the same network will be attacked and infected with malware. In addition to slowing down the machine, cryptomining malware also has the ability to update and download other malicious codes to erase data, steal personal information or even perform APT attacks.
1.6 million computers suffer data deletion by virus
According to statistics from Bkav’s virus surveillance system, more than 1.6 million computers in Viet Nam suffered data loss in 2018. In addition, more than 46% of users participating in the cyber security assessment by Bkav also said that they had troubles with data loss in the past year.
According to Bkav, two popular families of malware in Viet Nam that cause data loss for users are ransomware and virus deleting data on USB. Ransomware mainly infects via email, but up to 74% of Vietnamese users still keep the habit of opening attachments directly from email without opening them in Safe Run environment, which is very dangerous. Meanwhile, because USB is the most popular means of data exchange in Viet Nam, the number of computers infected with virus via USB is always high. Bkav’s statistics show that up to 77% of USB in Viet Nam is infected with virus at least once a year.
The technique of “pass-by comment” to steal Facebook account
In 2018 the phenomenon of stealing Facebook accounts through pass-by comments emerged. According to Bkav’s research, more than 83% of Facebook users encountered these comments.
Bkav experts analyzed that bad actors used Facebook accounts with avatars of beautiful and sexy hotgirls to comment on posts or groups that had a lot of followers. The contents of comments are often very attractive and inviting such as “chat with me”, “make friends with me”, etc. If curiously clicking on the personal page of this “trap” account, the victim may be tricked into losing Facebook account. As a precaution, users absolutely do not click on links from untrusted people. Even if the link is sent from a friend, users need to actively check the information before clicking.
Security vulnerabilities had a sudden increase in number
In 2017 and 2018, the number of security vulnerabilities in software and applications, which were publicly announced, increased dramatically with more than 15,700 vulnerabilities, about 2.5 times higher than previous years. In particular, many critical vulnerabilities appear on popular software such as Adobe Flash Player, Microsoft Windows, etc. and in many CPUs of Intel, Apple, AMD, etc.
Although security patches are quickly released by manufacturers after the flaws appear, the update is not timely, even many years later, it has not been updated yet. Take a typical example with the SMB vulnerability, after 2 years, still more than 50% of computers in Viet Nam have not yet patched this vulnerability. This vulnerability once exploited by WannaCry ransomware to infect more than 300,000 computers in the world in a matter of hours. The patch update that is not timely allows hackers to take advantage of the vulnerability to attack the network, then infect virus, install spyware and perform APT attacks.
Bkav recommends that, in addition to the total malware prevention solutions, agencies and businesses need to equip with security policy control solutions, ensuring that computers in the system fully update the patches of software vulnerabilities to avoid the risk of exploitation. Users should turn on auto-update mode and perform checking and installing patches for computers.
Malware using AI artificial intelligence can appear in 2019
Bkav experts predict that malware using AI artificial intelligence may appear next year, initially in the form of PoC (Proof of Concept) prototypes. However, the biggest threat of Internet users comes from ransomware, virus deleting data, cryptomining virus and APT attacks. These types of viruses can combine many different infection paths to maximize the spread, of which the most common can be exploiting the flaws of software, operating system and through phishing vulnerabilities.
The spam on Facebook will have many variables, not only under the pass-by comment, bad actors can thoroughly use other forms such as chat messenger, invitation for adding friends or tag into articles, etc. The form of spreading rumors about cyber attacks like the case of The gioi di dong, FPT Shop, etc. to cause panic and gain profits may increase. Social network users need to be more vigilant with these “tricks” of bad actors.