VietNamNet Bridge – Experts estimate that 66 percent of computers in Vietnam have been infected with malware, which is a “relatively high” percentage, said Nguyen Huy Dung, deputy head of the Information Security Department.
Meanwhile, malware existing in computers at state agencies will cause immeasurable consequences.
Dung said hackers attack computers at state agencies by sending emails with malware to agency officers.
When the malware gets into the computers, it will infect other computers of the same networks and collect important information or change the interface of the websites.
Recently, hackers have begun using social networks as an instrument to deploy attack campaigns.
They forge information sources and show counterfeit URLs that make people think they have access to online newspapers, but in fact, the links lead to “black addresses” which disperse viruses and malware.
Users just need to click a mouse to become infected with malware, and then spread the malware to other computers of the same networks.
Dung said that this was the newest and highest risk for state agencies, especially when civil servants now access social networks.
Ngo Tuan Anh, deputy chair of BKAV, an internet security firm, noted that previously, hackers had to make many exertions to steal information about projects or business contracts. But the work has become very easy now.
They just need to send emails with malware to addresses and wait for someone to mistakenly click into the malware, disguised as online newspapers or normal websites.
As soon as someone clicks on the malware, the viruses will activate and steal information and send data to hackers.
“In some cases, when the hacked computers belong to VIPs which contain important data, and they are brought by VIPs to meetings, they can serve as recorders that allow hackers to keep watch over the meetings,” Anh said.
The security expert said that in order to protect computers from hackers, state agencies need to apply normal anti-virus measures and other measures such as NAC, network access control.
NAC is an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
He has also suggested using a digital signature as a measure to ensure information security.
“A digital signature is the best instrument to authenticate users via the Internet,” he said.