Vietnam saw 5,100 cyber security attacks targeting various systems in the first half of the year, with nearly 400 agencies and organizations’ websites being hacked and having gambling and betting advertising codes inserted, the Vietnam National Cybersecurity Technology Corporation (NCS) said in a report released on Friday.

The affected websites included those with domain names ending in .gov.vn and .edu.vn, which signify a website belonging to organizations and agencies under the government of Vietnam or the Ministry of Education and Training, respectively.

The figure is highly alarming, according to NCS, as hackers, in addition to inserting advertising links, can exploit system control to pilfer the database, comprising users’ personal information, and potentially upload harmful content to distribute malicious code in the future.

In general, the number of cyber security breaches on Vietnamese systems decreased by approximately 12 percent in January-June compared to the same period in 2022, totaling 5,100 incidents. 

However, there was a rise of around nine percent in the instances of advanced persistent threat (APT) on critical establishments during the six-month period, which can be attributed to the abundance of vital and influential data present in such facilities, making them prime targets for hackers.

According to NCS experts, the mentioned APT attack campaigns primarily concentrated on three key attack methods -- namely employing fabricated email content containing text files embedded with malicious code or deceptive login links aiming to hijack user accounts; exploiting software vulnerabilities on servers, particularly targeting systems utilizing Microsoft software such as Exchange and SharePoint; and exploiting website vulnerabilities, particularly SQL Injection vulnerabilities or attempting to breach website administrator and server passwords.

Once the hacker successfully infiltrates a system component, whether it is a user’s device or a vulnerable server, they will conceal their presence, gather login credentials, and subsequently escalate the attack by targeting additional computers within the network.

APT attacks have the potential to persist for extended periods, spanning weeks or even months, according to NCS. 

However, several agencies and organizations lack a security operations center (SOC) or possess one that inadequately collects logs. 

Furthermore, the absence of dedicated experts compounds the issue, resulting in significant data loss by the time the intrusion is detected, when hackers already had sufficient time to erase their tracks, thereby complicating the investigation process and impeding efforts to rectify the problem.

NCS recommends agencies and organizations prioritize the maintenance and security of their website and portal systems. 

This entails establishing dedicated teams or outsourcing operational services to ensure comprehensive network security. 

To effectively prevent APT attacks, a thorough system review is necessary, including the collection of comprehensive activity logs and the appointment of specialized personnel or the outsourcing of network security monitoring services.

Like us on Facebook or follow us on Twitter to get the latest news about Vietnam!