Still coping with difficulties caused by Covid-19, small and medium enterprises (SMEs) also face risks in information and data security in 2021.
Kaspersky’s report on the impact of Covid-19 on SMEs in 2020 pointed out that as the pandemic has caused serious damage to businesses, many of them cut their budgets for information technology and information security solutions in 2021. Micro businesses and business households do not have enough money to hire workers in charge of information security.
Experts said ransomeware of different types ‘mushroomed’ in 2020, targeting more subjects and increasing the level of danger. They have targeted hospitals, medical and financial institutions, important agencies, factories and infrastructure items in order to increase the pressure and require ransoms.
Meanwhile, the level of awareness and vigilance of SMEs about the malware remains modest.
A report from Coveware showed that ransomware ‘favors’ SMEs with fewer than 100 officers with 55 percent of attacks targeting this group of businesses.
The majority of SMEs that are victims of ransomeware pay ransoms in exchange to get back for their important data.
A new characteristic of Ransomware 2.0 is that they not only encrypt data and require ransoms, but also blackmail victims in exchange for not making public the data.
Scamming via emails, mobile messages
Hackers exploit mistakes by officers and key personnel in enterprises and organizations to penetrate into their systems, and steal financial information and enterprises’ data.
Abnormal Security reported that the number of phishing emails disguised as invoices and payments has increased by 81 percent, causing a loss of $81,000 on average for every attack.
Experts found that it is easier to cheat people via mobile messages associated with links that people click on. This type of phishing has become favored by hackers.
Ngo Tran Vu, CEO of NTS Security, said the Covid-19 pandemic has forcef SMEs to run a remote working regime, which is a high risk for businesses’ information safety.
“Officers working from a distance tend to be (careless) when accessing enterprises’ secret information. They may access businesses’ accounts from public wifi networks which can be hacked easily,” he said.
The devices they use, such as computers and smartphones, also cannot be protected well like devices at office which are protected by professional IT officers. Therefore, businesses need to set principles for information access to protect data.
“A plan for safe remote work and scenarios to respond to emergency cases are necessary for SMEs,” Vu said.
He went on to say that backup, both offline and online, on clouds will help reduce risks from ransomware.
The Ministry of Information and Communications has determined that the cloud computing platform is a key part of telecommunications infrastructure to focus on in the coming years.
Pawsitive of the University of Engineering and Technology under the Vietnam National University, Hanoi excellently surpassed rivals to gain the first place at the ASEAN Student Contest on Information Security 2020’s qualifier on October 31.