Security experts share: Vietnamese enterprises need to give up the habit of “Losing a cow to take care of stables”.

Hackers can now remotely attack corporate networks and servers through vulnerabilities in the process of building websites or enterprise web applications. In addition, vulnerabilities on third-party platforms can also be a door for hackers to exploit and penetrate the system.

However, the biggest flaw is the subjectivity of Vietnamese businesses in protecting network information security. In fact, investments in ensuring safety and cybersecurity represent only a small part of the operational budgets of Vietnamese organizations and businesses, and often only for traditional anti-virus software. .

The subjectivity of the business based solely on traditional anti-virus software

According to Le Quang Ha, Product Director of the Center for Technology and Technology – Viettel Cyber ​​Security Company (VCS – Viettel Cyber ​​Security), although traditional Anti-virus software can prevent 95% of the risk. cybersecurity, but the remaining 5% risk is the most worrisome when they belong to targeted attacks (APT attacks) with sophisticated, complex scenarios, dedicated to each victim. personalities.

Common tactic of an APT attack (Source: infosecinstitute.com)

The scenario of APT tactics can be based on the following way: Once the hacker has got the email of the individual belonging to the organization, the hacker can compose the email samples with malicious code, send and stimulate users to read them. (such as job application or company payroll, etc.). General invisible after opening the file, malicious code was automatically downloaded to the user’s computer without even knowing it. Once the malware has been released to the user’s computer, a hacker can “escalate the attack” deeper into the internal server system.

Even, Mr. Ha said, VCS once discovered that the source of malware infection came from the computer of a company’s security room. To monitor the camera system, this computer is turned on 24 hours a day, connected to the Internet and connected directly to the server, but the subjective enterprise does not have adequate network security protection. The server is compromised and hijacks the entire network of that enterprise.

Victims only discovered when encountering serious consequences

With the above APT attacks, traditional anti-virus software such as Anti-virus will not be detected. Vietnamese businesses only realize they are attacked when they suffer heavy losses. Therefore, when the server has taken control of the AD (Active Directory) administration server, the losses for businesses are very serious, even there are cases that cannot be rescued.

“In countries with developed security industries, businesses only take an average of 78 days to detect their intrusion, while the average time in Asia is about 204 days. However, for Vietnam. , the average time for businesses to detect that they have been compromised is up to 2 years. “- Mr. Ha added.

New generation security trends in organizations and businesses

Organizations and businesses need a more comprehensive form of protection against current cyber attacks

In this context, the EDR (Endpoint Detection & Response) solution emerges as a fairly common security measure for businesses against intentional attacks (i.e., detecting and preventing threats). system right from the end – computers first come into contact with network attacks). EDR solution as a network security camera system, actively record all data and early detection of risk, as well as provide tools to eliminate attacks early.

Catching the trend of a new generation security solution, Viettel Cyber ​​Security has developed its own EDR solution called VCS-aJiant. Built with all features, meeting Gartner standards, the VCS-aJiant solution includes the ability to monitor, analyze, investigate, and react to eliminate risk and ability to operate on the platform. Windows and Linux.

Different from other EDR products, VCS-aJiant is not only a single security solution but also placed in an ecosystem and other information security products of Viettel Cyber ​​Security, thus enjoying the knowledge of integrated network security from Viettel’s infrastructure. Therefore, VCS-aJiant is always up to date with the latest attack techniques, new sources of malware, and the ability to detect threats early on the network. This is a great advantage of VCS-aJiant for Vietnamese businesses because of their long experience of “fighting” against the dangers of cyber attacks in Vietnam.

With VCS-aJiant solution, Vietnamese businesses are equipped with “solid shields”, which help protect their businesses from cyber attacks.