Attacks on IoT devices: The inevitable trend

As predicted by Bkav at the end of 2016, Internet of Thing devices (IoT) such as Wi-Fi routers, IP cameras, etc. became the target of hackers in 2017, typically the boom of Mirai malware new variants, of which a variant targeted Viet Nam. In addition, the BlueBorne vulnerability in Bluetooth wireless technology pushed 8.2 billion IoT devices around the globe that used this technology in danger. And KRACK, a vulnerability that allowed hackers to access most Wi-Fi networks without a password, caused Wi-Fi-enabled IoT devices to face an unprecedented large-scale cyber security attack.

Explaining the increase in attacks on IoT devices, Bkav experts analyze, manufacturers often use default administrator password on IoT devices and do not recommend users change this before using. Meanwhile, users make no habit of paying attention to the security of devices, usually remaining default password. A study by Bkav has shown that up to 76% IP cameras in Viet Nam still use accounts and passwords pre-installed by manufacturers. Updating the fixes for vulnerabilities on IoT devices is not as straightforward as updating software, requiring direct intervention of users with computer network knowledge. Therefore, it is highly likely that users ignore and do not care about the vulnerability though being warned.

The challenge of safety in authentication technology

In 2017, a series of biometric technologies are introduced to the authentication of user information, especially the image recognition technology. However, these technologies are not complete and vulnerable. Bkav experts have identified the iris recognition technology (Iris Scanner on Samsung Galaxy S8) and face recognition technology (Face ID on Apple iPhone X) are not secure and can easily be beaten. Users should be careful when using these technologies, not to use them in commercial transactions.

Password is the most used authentication solution recently, but the awareness of using password of Vietnamese users is not high. In the past year, a number of cases of losing money in bank accounts in Viet Nam were attributed to this cause. Casually entering account information into websites, strange links or using the same password for various accounts are habits users need to change to ensure safety. According to statistics by Bkav, up to now, still 55% users share a password for accounts in various online services.

Fake news spread over social networks

The explosion of fake news (untrue news) was quite a nuisance to social network users in the past year. In the US, fake news also flooded Facebook, Google, Twitter, etc. especially related to big events. In Viet Nam, statistics from the cyber security assessment by Bkav show that 63% users regularly read fake news on Facebook, of which 40% were daily victims. Not only confusing readers, fake news also had the potential to cause social unrest when bad guys deliberately spread false news related to the economic and political situation of the country.

Bkav experts analyze, the nature of the pervasion of fake news is similar to the spread of computer viruses, which is to attack users’ resistance. You need to build your own resistance to fake news, by asking questions, better proactively verifying when receiving information from untrusted sources. If not equipped with good resistance, encountering false news readers can easily trust, even share without verification. Be a smart social network user.

Cryptocurrency mining malware shows signs of explosion

2017 witnessed the rapid rise of cryptocurrencies, creating a global fever. This has also promoted hackers to increase dramatically attacks to turn computers of users into cryptocurrency mining tools. Recently, two most common attack types used by hackers are exploiting website vulnerabilities and leveraging social networks to spread viruses.

Hackers often choose websites with a large number of visitors to attack and install malware that mines cryptocurrencies. When users visit these websites, malware will be activated. With more than 40% websites in Viet Nam existing vulnerabilities that can be exploited, this will be the target of hackers to spread malware mining cryptocurrencies.

Another form of attack is to spread viruses mining cryptocurrencies through social networks. After the infection, malware will silently use the victims’ machine resources to run the cryptocurrency mining programs. Most recently, malware spreading via Facebook outbroke from December 19, 2017 and raised an "uproar" to the Internet in Viet Nam. According to the statistics from the virus surveillance system of Bkav, more than 23,000 computers in Viet Nam were infected by this type of malware. Bkav experts say that in the coming time, cryptocurrency mining by spreading virus tends to continuously explode via Facebook, email, operating system vulnerabilities and USB.

The obsession named Ransomware

17% users participating in Bkav's 2017 cyber security assessment said they encountered data being encrypted by ransomware. Statistics from the virus surveillance system of Bkav show that 11.22% of email traffic in 2017 were emails spreading ransomware. So, on average, of 100 emails received, users faced 11 emails containing ransomware. This figured has declined comprared to 2016, but still a high one.

2017 also saw the explosion of ransomware exploiting the operating system vulnerabilities to spread at a rapid pace. Typically, it was WannaCry that infected hundred thousands of computers in more than 90 countries in just a few hours. In Viet Nam, more than 1,900 computers contained WannaCry and more than 52% computers existed vulnerabilities that can be attacked by this malware. Then there was the emergence of Petya which extorted a series of banks, airports, ATMs and many large businesses in Europe. Similarly, Bad Rabbit malware spread in the systems of at least 200 organizations around the world. The huge ransom earned by hackers is the reason for the explosion of this malware.

To prevent being attacked by malware, Bkav recommend users back up data regularly, update patches for the operating system, and only open document files received from the Internet in Safe Run environment. Users also need to install antivirus software on their PC for automatic protection.

Predictions for 2018

2018 will continue to witness the explosion of attacks spreading malware to earn illegal profit such as ransomware, cryptocurrency mining virus, etc. Bkav experts predict, in addition to the distribution of malware to create cryptocurrency mining botnets, hackers will also target directly the cryptocurrency trading exchanges. Currently most of the cryptocurrency trading exchanges are not guaranteed by governments, therefore if an attack occurs, participants in the exchanges will bear all risks and lose money.

Facebook continues to be a fertile ground for fraudulent behavior and fake news. Attacks on IoT devices tend to install spyware to carry out APT attacks for political motives.