Report on cybersecurity (September 2024)

October 11, 2024 | 09:26 am GMT+7

The cybersecurity report for September 2024 provides detailed information on cybersecurity events, trends in cyberattacks, and newly disclosed security vulnerabilities.

    1. Cybersecurity alerts issued during the month:

    The Authority of Information Security issued multiple alerts related to severe security vulnerabilities, particularly in Microsoft's products. One of the most critical alerts pertained to targeted cyberattacks on important systems, issued on September 11, 2024. These alerts are provided weekly to help organizations and agencies proactively address and mitigate cybersecurity risks. NCSC (National Cyber Security Center) also detected hundreds of fake domains impersonating financial organizations, banks, and governmental agencies with the intent to deceive users and cause significant damages. 

    2. Status of data sharing and monitoring connectivity among ministries and localities:

    By September 2024, 87 units, including 63 provinces/cities and 24 ministries/agencies, had implemented cybersecurity monitoring and connected to NCSC’s monitoring system. Among these, 74 units had fully shared data, while 13 units had not yet completed the data-sharing process. These units are required to continue sharing data to ensure the security of national information systems and comply with regulations under Directive No. 14/CT-TTG 2019 from the Prime Minister. 

    3. Malware prevention solutions implementation:

    As of September 2024, 88 units had implemented centralized malware prevention solutions and shared malware data with NCSC. NCSC’s technical systems recorded that 76 out of 88 units had fully and regularly shared their malware data, covering 294,800 monitored computers. 

    4. Detection and prevention of online fraud:

    In September 2024, NCSC detected 125,338 fake websites that impersonated governmental agencies, financial organizations, and large companies for fraudulent purposes. These fake websites often mimic legitimate ones to deceive users and steal their information. Among these, 31 fake websites were identified and listed in NCSC’s warning list. Organizations are advised to proactively scan for fake websites, notify users early, and protect their brand reputation. 

    5. Early detection and warnings of cybersecurity vulnerabilities:

    NCSC’s monitoring system identified more than 45,000 cybersecurity vulnerabilities in the information systems of governmental organizations. Among them, 12 newly discovered vulnerabilities were classified as severe or high-risk, which could be exploited to attack the systems of organizations. Several high-impact vulnerabilities were noted, such as CVE-2024-40766 (affecting SonicWall SonicOS) and CVE-2024-29847 (affecting Ivanti EPM). Organizations are required to assess their systems and quickly address these vulnerabilities to ensure cybersecurity. 

    6. Risk analysis and early warnings of targeted attacks:

    The trend of ransomware attacks has increased significantly. Several information systems belonging to governmental organizations and businesses in Vietnam have been affected, leading to disruptions and significant financial and reputational damages. The Authority of Information Security issued an official document warning of targeted cyberattacks on September 11, 2024. NCSC has also collected and analyzed many indicators of compromise (IoC), helping organizations identify early risks in their systems and prevent attacks. 

    7. Botnet risk prevention:

    In September 2024, NCSC detected 18 systems from various organizations connected to botnet infrastructures. A botnet is a network of compromised computers controlled remotely for illicit activities. NCSC shared this botnet information with related organizations to implement timely preventative measures. 

    8. List of units affected by botnets and vulnerabilities:

    The report also provides detailed lists of fake websites and units with IP addresses involved in botnet activities, including government agencies, ministries, and localities affected. These units need to take prompt action to mitigate risks and protect the security of their information systems.

The report advises governmental agencies and organizations to enhance their monitoring, regularly review their information systems, swiftly resolve vulnerabilities, and share data with NCSC to ensure the cybersecurity of the nation. Fully implementing preventive measures will help organizations and businesses strengthen their ability to respond to future cyberattacks.

https://mic.gov.vn/bao-cao-an-toan-thong-tin-mang-viet-nam-thang-9-2024-197241009152610122.htm

TT
Top