Vu Ngoc Son from the Vietnam National Cyber Security Technology Corporation (NSC) reported that over the last two weeks, a series of double extortion ransomware attacks were conducted and this form of attack is likely to be a major trend this year.
The latest victims are Schneider Electric, a public transport agency of Kansas City in the US, the British Library, and ESO Solutions in the US.
Son said this is a form of “terrorist” attack on victims.
First, access to computers are denied because the data are encrypted. Victims will be required to pay money in exchange for a decryption key. Hackers may sell the data on the black market, causing data leakage. The data to be sold may include sensitive information affecting victims’ businesses.
No double extortion ransomware attack in Vietnam has been reported so far. But Son said system administrators need to be cautious, because the days just before Tet and holidays are the favorite time of hackers. This is because victims’ systems will also be on a ‘long holiday’ and victims won’t be able to discover attacks immediately.
Also, it will take more time to fix the troubles caused by attacks, because institutions and individuals cannot mobilize their staff as quickly as on ordinary days.
NCS reported many ransomware attacks in 2023, which caused serious consequences. As many as 83,000 computers and hosts reported attacks by ransomware, an increase of 8.4 percent over 2022.
Particularly, the number of ransomware attacks rose sharply in the fourth quarter 2023, by 23 percent compared with the average figure of the first three quarters. It is estimated that the number of data encryption malware variants in 2023 reached 37,500, an increase of 5.7 percent over 2022.
In the report about information insecurity risks in 2023 released recently, Viettel Cyber Security said that there were at least nine ransomware attacks targeting large companies and institutions in Vietnam last year. The attacks encrypted hundreds of GB of data and tried blackmailing others of at least US$3 million.
The ’ransomware as a service’ trend is growing, mostly targeting businesses and institutions. The subjects mostly affected in 2023 were in the banking, finance, insurance and energy sectors. Viettel Cyber Security also thinks ransomware is one of four cybersecurity trends in 2024 in Vietnam.