WORDS ON THE STREET 70th anniversary of Hanoi's Liberation Day Vietnam - Asia 2023 Smart City Summit Hanoi celebrates 15 years of administrative boundary adjustment 12th Vietnam-France decentrialized cooperation conference 31st Sea Games - Vietnam 2021 Covid-19 Pandemic
Apr 19, 2018 / 17:14

Cyber attacks likely cause Vietnam’s industry billion-dollar damage

Vietnam had the highest percentage of industrial control system (ICS) computers attacked, which can cause the country’s industry a damage of billion dollar.

According to the latest data from Kaspersky Lab, the top five countries by percentage of ICS computers attacked in the second half of last year includes Vietnam (70 percent), Algeria (66 percent), Morocco (60 percent), Indonesia (60 percent) and China (60 percent).
 
Percentage of ICS computers attacked in Vietnam was 70 percent in H2 2017
Percentage of ICS computers attacked in Vietnam was 70 percent in H2 2017
The Kaspersky Lab’s report found that in the second half of 2017, nearly 40 percent of all ICS in energy organizations protected by Kaspersky Lab solutions were attacked by malware at least once – closely followed by 35 percent of engineering & ICS integration networks.
The Kaspersky Lab report also found that for all other industries (manufacturing, transportation, utilities, food, healthcare, etc.), the proportion of ICS computers attacked ranged from 26 percent to 30 percent on average. The vast majority of detected attacks were accidental hits.
The cyber security of industrial facilities remains an issue that can lead to very serious consequences affecting industrial processes, as well as businesses losses. While analyzing the threat landscape in different industries, Kaspersky Lab ICS CERT recorded that nearly all industries regularly experience cyber attacks on their ICS computers. However, there are two industries that were attacked more than others – energy organizations (39 percent), and engineering and ICS integration businesses (35 percent).
The sector that demonstrated the most noticeable growth of ICS computers attacked during the second half of 2017 (compared to the first half of 2017) was construction, with 31 percent attacked. The relatively high percentage of attacked ICS computers in the construction industry compared to the first half of 2017 could indicate that these organizations are not necessarily mature enough to pay the required attention to the protection of industrial computers. Their computerized automation systems might be relatively new and an industrial cyber security culture is still being developed in these organizations.
The lowest percentage of ICS attacks – 15 percent – has been found in enterprises specializing in developing ICS software, meaning that their ICS research/development laboratories, testing platforms, demo stands and training environment are also being attacked by malicious software, although not as often as the ICS computers of industrial enterprises. 
Among the new trends of 2017, Kaspersky Lab ICS CERT researchers have discovered a rise in mining attacks on ICS. This growth trend began in September 2017, along with an increase in the cryptocurrency market and miners in general. But in the case of industrial enterprises, this type of attack can pose a greater threat by creating a significant load on computers, and as a result, negatively affecting the operation of the enterprise’s ICS components and threatening their stability.
Overall, during the period from February 2017 to January 2018, cryptocurrency mining programs attacked 3 percent of industrial automation system computers, in most cases accidentally.
According to Luong Thi Le Thuy, general director of Cisco Vietnam, Vietnam was ranked 101 out of 193 countries with a score of 0.245 in the Global Cybersecurity Index 2017 (GCI-2017).
The numbers showed that Vietnamese organizations and enterprises in general as well as people in particular are not cautious and aware of the importance of cyber security, Thuy said.
Nguyen Thanh Duc, Director of CyRadar, recommended that personal users and enterprises need to raise awareness of security measures, such as regularly updating patches for the operating system and software running on them; and equipping with the anti-virus software of the prestigious firms.
In addition, organizations and enterprises should also equip with a network monitoring system to detect attacks on their computers, or malicious connections to the control server.