Hanoi (VNA) - The rapid evolution of technology has brought a dark side: increasingly sophisticated ransomware attacks which not only target individual users but also cripple organisations and corporations, causing immense and often difficult-to-quantify damage.
The scale of the problem is staggering. According to Cybersecurity Ventures, cybercrime-caused losses reached 8 trillion USD in 2023, equivalent to over 250,000 USD stolen every second. This alarming figure is projected to balloon to 10.5 trillion USD by 2025.
Vietnam is not immune. The Vietnam Cybersecurity Emergency Response Team (VNCERT) reported 13,900 cyberattacks on government agencies, organisations and enterprises in 2023 alone. Online fraud incidents soared to nearly 16,000, resulting in losses exceeding 390 trillion VND (16.25 billion USD), equivalent to 3.6% of Vietnam's GDP.
The situation is worsening. Cybersecurity firm Trend Micro revealed a 50% increase in ransomware attacks in the first half of 2024 compared to the same period in 2023. Hackers are primarily targeting personal data and sensitive commercial information, using them as bargaining chips for extortion.
Le Minh Nghia, a cybersecurity consultant at Trend Micro, painted a concerning picture. He warned that hackers are increasingly deploying artificial intelligence (AI) to automate and accelerate ransomware attacks. This allows them to create more potent and effective malicious codes compared to traditional email scams.
He further highlighted the looming threat posed by the integration of AI with the rapidly growing Internet of Things (IoT) devices. This convergence, he believed, will escalate cybercriminals' attack capabilities in the future.
In response to this growing threat, the Authority of Information Security under the Ministry of Information and Communications has issued nationwide guidelines urging ministries, agencies, localities and businesses to adopt stricter information security measures and ensure swift recovery from potential incidents.
The focus is placed on regularly reviewing and addressing security weaknesses in information systems, strengthening the monitoring and management of critical accounts and system administrator privileges, and using two-factor authentication or privileged account management solutions to prevent unauthorised access and mitigate damage if passwords are compromised./.