(TBTCO) – On the afternoon of May 29, Bkav’s Technical Support Center said that the unit had received hundreds of calls, asking to handle ransomware virus (ransomware). Bkav’s virus monitoring system also recorded that in the first half of this year, more than 77,000 computers in Vietnam had data encrypted.
According to Bkav, this is an alarming fact and needs to be prevented. Studying the strong spread of this virus, experts point out that “Asin’s heel” causes many organizations to be blackmailed by ransomware.
At the beginning of May 2023, a large enterprise, with a team of experienced administrators, knew that its system was attacked by ransomware, all over 10TB of encrypted data. Hacker asked for more than 4 billion VND in exchange for the decryption key. The problem is, this unit’s system is not protected by a strong enough anti-virus software.
In the middle of May 2023, another business was attacked by hackers and encrypted data on a series of servers and personal computers at midnight. Hackers demanded $9,000 in data ransom for each encrypted machine. Bkav experts discovered that the system was attacked by the Jianliang encryption virus, which had never appeared before.
Bkav’s virus monitoring system also detects STOP/DJVU or FARGO3 data encryption malware, specifically targeting businesses and units using accounting data management software. According to statistics, there are a total of 261 compromised servers from more than 6,000 different IPs.
Nguyen Tien Dat – General Director of Bkav’s Malware Research Center, said that these are just examples of many cases showing the subjectivity of system administrators, causing ransomware to blackmail. rife. Among hundreds of cases of contacting Bkav asking for help, more than 50% of organizations and individuals do not use anti-virus software or install inadequate protection applications.
| More than 77,000 computers in Vietnam are encrypted and blackmailed. Photo: TL |
In particular, there are units that have a lot of important data but save money, using free anti-virus software. Free anti-virus software is capable of handling common malicious codes, only suitable for protecting not too important data due to its inability to automatically detect and completely remove data-encrypting viruses. .
Data encryption malware uses many methods to attack: exploit web service vulnerabilities, brute force into SQL services, operating system vulnerabilities, to attack directly. continue to the server. The other way is to attack a personal machine, then silently scan and penetrate the servers and other computers in the network …
“The consequences of data encryption incidents are often devastating because recovering the data is nearly impossible. Even if the victim accepts the payment, it does not guarantee that they will get back the data from the hacker,” Dat said.
| To avoid data encryption attacks, experts from Bkav recommend that users and system administrators need to: Backup important data regularly; do not open the internal service port to the Internet when it is not necessary; security assessment of services before opening to the Internet; Install anti-virus software powerful enough for permanent protection. |
Tags: computers Vietnam encrypted blackmailed
