Tag Archive for: Businesses

Businesses turn on ‘alert’ after ransomware attacks corporations

/in


ransomware khanhlinh.jpg
Illustrative photo (Photo: Khanh Linh)

Just eight days after a ransomware attack of the VnDirect Securities’ database was discovered, Vietnam’s cyberspace on April 2 recognized another intentional ransomware attack targeting PVOIL, a petroleum distributor, which caused the disruption of the entire information system of the enterprise.

Agencies in charge of network safety and security, with the main force being A05 under the Ministry of Public Security and the Authority of Information Security (AIS) under the Ministry of Information and Communications (MIC), have been helping the two businesses to handle the problems.

Experts believe that the attackers only targeted the two businesses, and more businesses may become their next victims.

AIS in recent days has found an increase in the number of ransomware attacks targeting businesses and organizations in Vietnam. The two attacks above have raised worries about a new ransomware campaign.

Talking to VietNamNet right after PVOIL confirmed the attack, Ngo Quoc Vinh, deputy CEO of VNCS Global, said Vietnam’s cyberspace has been seeing many ransomware attacks recently, but it’s too early to conclude that there is an intentional attack campaign targeting Vietnam.

According to Vinh, one of the reasons Vietnam is among the countries sustaining many ‘Prior Compromised’ attacks is the habit of Vietnamese who use unlicensed software provided on the internet for free. 

The use of pirated software allows hackers to easily install malware inside many systems for a long time.

In general, ransomware attacks don’t begin right after hackers install malware in information systems. Hackers carry out undercover activities for a certain time before they conduct attack at the suitable moment — for example, when they are sure that the attacks will have the biggest impact and bring the highest financial benefits.

In many cases, attacks are tailored based on the characteristics of targeted enterprises’ business activities. “Hackers conduct multi-directional execution, weaponized by AI to help increase the success rate,” he said. 

Commenting about the attack method used in VnDirect and PVOIL cases, Vu Ngoc Son, CTO of NCS, said the…

Source…

2024 Thales Data Threat Report Reveals Rise In Ransomware Attacks, As Compliance Failings Leave Businesses Vulnerable To…

/in


(MENAFN– AETOSWire) (BUSINESS WIRE ) — Thales today announced the release of the 2024 Thales Data Threat Report , its annual report on the latest data security threats, trends, and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries across 37 industries. This year’s report found that 93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year.

Threats continue to increase in volume and severity

The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite this escalating threat, less than half of organisations have a formal ransomware plan in place, with 8% resorting to paying the ransom demands.

Malware stands out as the fastest-growing threat of 2024, with 41% of enterprises witnessing a malware attack in the past year – closely followed by phishing and ransomware. Cloud assets, including SaaS applications, cloud-based storage, and cloud infrastructure management, remain the primary targets for such attacks.

The report shows that for a second year running, human error remains the leading cause of data breaches, with 31% of enterprises pinpointing this as the root cause.

These insights are drawn from the 2024 Thales Data Threat Report, conducted by 451 Research. The report sheds light on how businesses are adapting their data security strategies and practices in response to an evolving threat landscape.

Compliance is the key to data security

The research found that over two fifths (43%) of enterprises failed a compliance audit in the past twelve months – with the report highlighting a very clear correlation between compliance and data security.

Of those that had failed a compliance audit in the past twelve months, 31% had experienced a breach that very same year. This compares to just 3% of those who had passed compliance audits.

Operational complexity continues to cause data headaches

Fundamental understanding of what systems, applications, and data are at risk continue to lag due to changing regulatory and threat landscapes. Only a third (33%) of organisations are…

Source…

UK Businesses Urged to Fortify Against Global Cyber Threats

/in


In the shadow of Russia’s invasion of Ukraine, an unprecedented cyber conflict unfolds, sending ripples across the globe and awakening businesses to the stark realities of digital warfare. The National Cyber Security Centre (NCSC), a beacon of guidance in these turbulent times, has stepped forward with critical advice for UK enterprises. Amidst a landscape where cyber-attacks on Ukraine bear international consequences, the NCSC’s counsel serves as both a shield and a strategy, urging businesses to bolster their cyber defenses.

Empowering Businesses Against Invisible Threats

The digital realm, often invisible yet omnipresent, harbors threats that can cripple the unprepared. Recognizing this, the NCSC’s guidance is a clarion call to action for business owners. The advisory emphasizes fundamental cyber security measures such as ensuring software and devices are consistently updated, tightening access controls, and maintaining robust anti-virus and firewall defenses. Moreover, the importance of logging and monitoring systems, reviewing backup processes, and having an up-to-date incident response plan cannot be overstated. In a move to preempt potential cyber onslaughts, the NCSC also advises on the meticulous management of external internet footprints and establishing phishing response processes.

Building a Resilient Digital Ecosystem

Amid the digital cacophony, the recommendation to engage in threat information sharing and educating the organization about cyber threats is a step towards cultivating a culture of cyber resilience. The NCSC’s guidance is not just about defense but about fostering an environment where every member is aware and vigilant. Armstrong Watson’s initiative to host a free webinar further underscores the importance of equipping businesses with the knowledge to protect against cyber threats. This collaborative approach towards cyber security underscores the significance of unity in the face of digital adversaries.

Global Cyber Warfare’s Local Impact

The global cyber conflict, with its epicenter in Ukraine, serves as a stark reminder of the interconnectedness of our digital world. As historical patterns…

Source…

Trickbot malware scumbag gets five years for infecting hospitals, businesses • The Register

/in


A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses.

Vladimir Dunaev, of Amur Oblast in Russia, was sentenced in the US yesterday after pleading guilty on November 30 to two counts: conspiracy to commit computer fraud, and conspiracy to commit wire fraud.

Between June 2016 and June 2021, Dunaev worked as a developer for the criminal gang, providing “specialized services and technical abilities,” according to his plea agreement [PDF].

These special skills included recruiting other coders, buying and managing servers used to deploy and operate the Windows nasty Trickbot, encrypting the malware to avoid detection by security software, spamming and phishing potential victims, and then laundering stolen funds. He also added support for stealing information out of victims’ browsers, such as their online account credentials.

“For instance, Dunaev developed browser modifications for several widely used open-source browsers, such as FireFox and Chrome, using open-source codebases for each browser called FireFox Nightly and Chromium,” the court documents say. “These modifications facilitated and enhanced the remote access obtained by Trickbot by allowing actors to steal passwords, credentials, and other stored information.”

Dunaev also confessed to writing code used to steal secrets from infected computers. Between October 2018 and February 2021 alone, the crew defrauded victims out of more than $3.4 million, the court documents claim.  

According to the UK National Crime Agency, the gang has extorted at least $180 million (£145 million) from people and organizations worldwide.

In 2021, Dunaev was extradited to America from South Korea. The original indictment charged Dunaev and six others for their alleged roles in developing, deploying, managing and profiting from Trickbot.

In June, one of the six suspects — Trickbot malware admin Alla Witte — pleaded guilty to conspiracy to commit computer fraud and was sentenced to two years and eight months in prison.

Trickbot, which started as a banking…

Source…