Computer viruses cause record loss of 637 million USD
Vietnamese computer users suffered a record 14.9 trillion VND (637.6 million USD) in damage from viruses this year, an increase of 21 percent from 2017, according to a cyber security assessment report released by Bkav Technology Group this week.
The report revealed more than 60 percent of agencies and businesses in Viet Nam are infected with malicious code from bitcoin miners, causing security breaches and loss of information.
According to Bkav experts, the high level of infection was because businesses and agencies do not have adequate anti-virus software.
“If just one computer in the network is infected with malicious code, all other computers on the same network will be attacked and infected,” the report quoted Bkav experts as saying.
“The bitcoin miners’ malicious code will not only slow down computers, but also update and download more malicious codes to delete data, steal personal information or even carry out advanced persistent threat (APT) attacks.”
According to Bkav’s virus monitoring system, more than 1.6 million PCs in the country lost data in 2018.
Almost half of users participating in the network security assessment programme said they had lost data this year.
Bkav said there were two common lines of malicious code in Viet Nam causing data loss, including an encrypted ransomware virus and a virus that can wipe all data on the users’ USB drive.
“The encrypted ransomware virus mainly goes through email,” experts said.
“About 74 percent of users in Viet Nam still have the habit of opening file attachments directly from email without opening it through Bkav Safe Run, which is a technology that helps prevent malicious code from entering the computer if users accidentally download it from the internet.”
“USB is the most popular means of data exchange in Viet Nam, so the number of computers infected via USB is always high. Bkav statistics show up to 77 percent of USB drives in Viet Nam are infected at least once a year,” the experts added.
This year, a trend also emerged in which people stole Facebook accounts through comments.
Bkav research showed more than 83 per cent of users on the social network have encountered these malicious comments.
The experts said hackers create fake Facebook accounts with photos of beautiful women as the avatars. They write inviting comments on the site asking people to chat with them. If someone clicks on the page of one of these trap accounts, the victim may be cheated into losing his or her account.
“As a precaution, users should not click links from untrustworthy users. Even if the link is sent from a friend, the user should actively check the information before clicking,” the experts added.
In 2017 and 2018, the number of security vulnerabilities in software and applications has skyrocketed to more than 15,700 vulnerabilities, about 2.5 times higher than the previous year. In particular, serious vulnerabilities appeared on popular software such as Adobe Flash Player, Microsoft Windows and in many CPU lines of Intel, Apple and AMD.
Although security patches were announced by producers quickly after vulnerabilities appeared, updates to the patch were not quick enough.
For example, take the SMB flaws that exposed users to ransomware attacks. After two years more than 50 percent of computers in Viet Nam still have not patched this vulnerability.
This was exploited by the WannaCry ransomeware code, which infected more than 300,000 computers worldwide in several hours. The patch, which was not updated in time, enabled hackers to exploit vulnerabilities to attack the network to install viruses and spyware.
In the report, Bkav experts recommended that besides overall malware solutions, agencies and businesses should equip security policy control solutions, ensuring all computers in the system are fully updated to eliminate software vulnerabilities and mitigate the risk of being exploited.
They also predicted that malware using artificial intelligence could appear next year. The biggest threats to Internet users, however, come from malicious code that can delete data, hacking and APT attacks.
(Source: VNS/VNA)