Cyberattacks more prevalent as online work comes into fashion

Cyberattacks more prevalent as online work comes into fashion

As Vietnam called for nationwide social distancing and people are unable to leave their homes due to the health crisis, work-from-home software is becoming essential for companies – and the providers of these services have been blossoming for months now.

Eric Yuan, founder of the United States-based Zoom Video Communications, Inc. was reported by Bloomberg to have earned about $4 billion in the past three months, raising his total asset value to $7.6 billion and making it on the Bloomberg Billionaires Index. Since last December, the global user base of Zoom has risen by 1,900 per cent as major schools and offices have been forced to take their business online to avoid the spreading coronavirus. About 90,000 schools from more than 20 countries have been using the application for online education.

Similarly, Microsoft in late March also saw a hike of 70 per cent or 40 million users for its video call application Skype.

However, the impressive growth of these applications also expose users to higher risks of privacy invasion and cyberattacks. Most recently, the New York State Education Department banned the use of Zoom at all schools in the state because of security concerns.

The FBI in early April warned of cybersecurity and personal data attacks called Zoom-booming where hackers have joined online classes on the platform to threaten and share pornographic content with other users. About 50 students of Grovecrest Elementary School in Utah state received pornographic videos during an online lesson with the principal.

While Zoom-booming does not strictly constitute a breach of private information, the extent of these security breaches have not been verified which means they could potentially lead to more serious breaches.

Reacting to the phenomenon, a Zoom spokesman reiterated the company’s commitment to protecting the privacy of children as well as the data of learners. Its founder Yuan later sent an apology to users and announced halting the launch of new features for 90 days to focus on fixing the shortcomings of the software.

Vietnamese schools that are depending on Zoom to organise online classes are facing the same risks. Since the pandemic broke out, most schools in the country have applied Zoom to hold online courses.

The hazard in Vietnam may be even more serious because the nation’s cybersecurity index still ranked rather low in February – 50th in the world, according to the Vietnamese Ministry of Information and Communications. Accordingly, about 288 cyberattacks took place in Vietnam, up 1.8 per cent on-month, and down 49.7 per cent on-year.

In 2019, according to a survey by software security solution provider Bkav Vietnam, computer viruses caused damage to the tune of VND20.89 trillion ($908.35 million) for local users, far exceeding the VND14.9 trillion ($647.83 million) in 2018. The total number of malicious-code infections last year reached 85.2 million, up 3.5 per cent on-year.

Moreover, the latest report from the Vietnamese Ministry of Public Security showed that its Department of Cybersecurity and High-technology Crime Prevention discovered a cyberattack campaign, spreading malware via emails with content related to COVID-19 to draw the attention of users.

Since late March, cybersecurity firm Kaspersky Lab has been constantly flagging harmful files with the extensions .pdf, .mp4, and .docx made to look like official documents related to the new coronavirus.

To make them more credible, the criminals made the e-mails appear like they were sent by the World Health Organization. Kaspersky Lab also discovered 93 harmful software in Bangladesh, 53 in the Philippines, 40 in China, and 23 in Vietnam, among others.

Over the past few weeks, US cybersecurity firm Cisco Systems Inc. received 10 times as many requests for security support from companies than usual. Similar to Kaspersky, the company also issued warnings about hackers sending malware under the cover of content related to coronavirus.

According to Wendy Nather, senior advisor at Cisco Systems, the abrupt shift in working forms has enlarged many security vulnerabilities. High-tech criminals can easily take advantage of these to steal passwords of users and commit fraud.

David Emm, a security researcher at Kaspersky, said that once staff members enter any wireless network outside the supervision of their company, the risk of data leak will increase significantly. Therefore, now is the right time for organisations and companies to enhance their security networks before the criminals’ attacks.

“Businesses can protect their employees by ensuring anyone who connects to their networks uses a virtual private network. They can also make sure the office and all endpoints are secure and up-to-date with cybersecurity programmes, and that systems will only run authorised applications,” Emm told SC Media UK.