Organizations must implement more network security monitoring solutions.

DNHN - This is also the recommendation of the BKAV Malware Research Centre when detecting the Spectralviper virus, which targets the computers of several large corporations.

BKAV issued a warning on June 15 regarding a virus attack campaign known as Spectralviper that targeted computers of several large enterprises and Vietnamese users via the SMB vulnerability (a protocol in Windows and DOS operating systems).

According to Nguyen Tien Dat, General Director of the Malware Research Centre at BKAV, 10% of computers in Vietnam still have SMB vulnerabilities, and an estimated 1.5 million Vietnamese computers are vulnerable. One in ten computers has an SMB vulnerability and is susceptible to Spectralviper infection."

Experts determined that hackers exploited a flaw in the SMB protocol on Microsoft Windows to gain access to the system and install Spectralviper as a backdoor to maintain a connection to the infected device. On the victim's computer, the hacker continues malicious activities such as executing malicious code, gaining access to data, and stealing it...

Nguyen Tien Dat stated that the WannaCry virus exploited the SMB vulnerability to rapidly infect over 300,000 computers across the globe. W32 compromised up to 735,000 computers in Vietnam in 2018.CoinMiner is malware that mines virtual currencies by mining SMBs. Mr. Nguyen Tien Dat noted that despite repeated warnings, up to 10 percent of computers in Vietnam have SMB vulnerabilities.

Experts from the BKAV Malware Research Centre advise organizations and businesses to deploy more network security monitoring solutions, such as firewalls and SOCs (network security monitoring centers), to detect anomalies immediately. for prompt treatment and response. Contact units that specialize in network security for assistance in reviewing the entire system, including servers, workstations, and cloud systems, to remove malicious code thoroughly.

Users should update the patch as soon as possible via Windows Update. Check for updates to determine the most recent patches. Urgently back up vital information. On computers with Bkav Pro installed, similar exploit scenarios will be prevented automatically.

According to Kaspersky statistics, there are more than 1 billion online threats and 400 thousand new malware samples are discovered daily. Cyber resilience is the ultimate objective of cybersecurity operations in the face of a pervasive and persistent threat landscape, beyond threat detection and mitigation. Therefore, organizations must agree on a cyber recovery strategy; business leaders and technologists must collaborate closely to reduce disruption and facilitate recovery from evolving cyber threats.

Thu Trang (T/h)