The Daily Swig Web security digest

Vietnam counts the cost of malware in 2017

James Walker | 02 January 2018 at 12:18

Insufficient protection comes with a $540 million price tag.

The global proliferation of ransomware, IoT equipment hacks, and crypto-mining tools cost Vietnamese businesses and consumers VND12.3 trillion ($540 million) last year, new research from Bkav Corporation indicates.

According to the Hanoi-based cybersecurity firm, which famously cracked Apple’s new Face ID authentication system back in November, the damage caused by viruses and other malware in 2017 was up 16% compared to the previous year – and the “explosion” of malicious attacks is likely to continue through 2018.

As predicted by Bkav at the end of 2016, IoT devices such as WiFi routers and IP cameras proved fertile ground for hackers over the past 12 months. Despite warnings from security community, the company said more than 75% of IP cameras in Vietnam are still using the pre-installed account names and passwords.

“Updating the vulnerability on IoT devices is not as straightforward as updating software, requiring direct user intervention with computer network knowledge,” Bkav said in its 2017 retrospective. “Therefore, the user’s ability to ignore [or] not care about the vulnerability despite the warning is very high.”

While Bkav detected a slight decrease in the proportion of ransomware emails in 2017, the group said more than 1,900 PCs in Vietnam are still infected by the WannaCry virus, and 11% of the country’s email traffic was found to contain malicious links.

Elsewhere, with cryptocurrency now firmly in the global spotlight, Bkav said hackers will continue to ramp up their use of illicit crypto-mining tools this year. “The two most common types of hacks are exploiting website vulnerabilities and exploiting social networks to spread viruses,” the company stated.

“2018 will continue to witness the explosion of attacks spreading software such as ransomware and malicious code digging virtual money. In order to create a network of virtual money botnets, hackers will also target attacks directly on the virtual currency trading platform.”