After that, other fanpages of VOV1, VOV2, VOV TV channel… also received hundreds of similar comments consecutively. Subjects used many different accounts to “review” on Google Maps to reduce the reputation of Radio Voice of Vietnam. Photo: VOV According to VOV, the reporters who made this series of articles were also subjected to a series of strange nicks sending abusive, insulting and threatening messages. Not stopping there, the target group also searched for the phone number and social network of the VOV.VN reporter’s wife or husband to terrorize them in the form of messages. On the morning of June 13, on a fanpage called “Steel Fan Sister Hang” posted the entire so-called “how” to hack the content management software (CMS) of VOV Electronic Newspaper. “From the morning of June 13, accessing the VOV.VN address was very difficult and intermittent. At 13:00 on the same day, VOV’s electronic newspaper was hacked, making it impossible for readers to access it for many hours after that,” VOV said. VOV Electronic Newspaper has also contacted functional units of the Ministry of Public Security and the Ministry of Information and Communications to coordinate in solving and handling the violations of extremists when deliberately attacking the technical platforms of a company. national media. Previously, on June 12, 2021, VOV Electronic Newspaper published articles: “I can’t give myself the right to insult anyone online” and “Mrs Phuong Hang with deviant livestreams: It’s time to take action. strict reason” Talking to the press, the Department of Cybersecurity and High-Tech Crime Prevention (A05) – Ministry of Public Security said that professional units are investigating and clarifying the group of attackers. VOV electronics. The Department of Cybersecurity and High-Tech Crime Prevention (A05) said that it had previously received a dispatch from VOV and understood this issue. Currently, professional units are investigating and clarifying. A05 affirmed that this is the responsibility of the unit and investigated and clarified this issue.

Global Privacy and Transparency Center in Dongguan – China Challenge While we are increasing digitalization around the world, cybersecurity is becoming more important than ever. From the news, we’ve seen an increasing number of cyberattacks on critical infrastructure, such as energy, healthcare, and transportation. These attacks have affected the lives of millions of people around the world. According to Cybersecurity Ventures, in 2021, losses from cybercrime could reach $6 trillion. This is more than the third largest economy in the world. Meanwhile, as a result of the pandemic, people are spending more time online than ever before. And I’m sure many of us will continue to work remotely, even after the pandemic. This is the new normal. And it’s more important than ever to ensure a safe and secure cyberspace. Global progress: An opportunity for improvement On a global scale, with cyber attacks on the rise, all industries are taking cybersecurity more seriously. In the public sector, new laws, regulations and standards are being applied regularly. In the past two years alone, more than 180 cybersecurity laws have been passed in 151 countries. This is amazing progress. In the telecommunications sector, industry organizations such as GSMA and 3GPP have been working closely with industry stakeholders to promote the NESAS Security Specifications and independent certifications. Mr. Ken-Hu rotating chairman of Huawei These frameworks are already widely accepted in the industry and we are confident that they will play an important role in the development and verification of secure networks. However, we still have a lot of work to do. Cybersecurity is a complex, increasingly challenging challenge that requires close cooperation and information sharing. We still lack a coordinated, standards-based approach across the industry, especially when it comes to governance, technical capabilities, certification, and collaboration. Unfortunately, in some places there is still a misconception that the country of origin of the product affects the security of equipment and network technology. This view is simply wrong. That perspective does not address the real challenges and prevents us from forming a unified approach. Our Cybersecurity Experience At Huawei, cybersecurity is our top priority. We share this responsibility with our customers to ensure that the equipment they are using is safe and secure. We are proud of what we have achieved. Over the past 30 years, we have served more than three billion people around the world. We support the stable operation of more than 1,500 service provider networks in more than 170 countries. And we’ve maintained a solid track record in cybersecurity over the years. This is the result of continued investment in cybersecurity management experience. We currently have more than 3,000 cybersecurity R&D employees, with 5% of our R&D spending focused on the security of our products. Generic Methods and Trust Building Of course, our cybersecurity systems were not developed in a vacuum. They are also the result of regular engagement, joint research and joint innovation with our customers, partners, regulators and standards organizations around the world. That’s what this Cybersecurity Transparency Center is all about. Two years ago we opened a similar Center in Brussels. At the time, I said about our ABC principle for security at Huawei: “Trust no one. Trust no one. Check everything.” My point is that trust and distrust should both be based on facts, not feelings, not speculation and not baseless rumors. We believe that data should be verifiable and that verification should be based on standards. Because this is our guiding principle, we have established 6 Cybersecurity and Transparency Centers over the past 10 years in Europe, the Middle East and North America. This center in Dongguan will serve three main functions: To exhibit solutions and share experiences. To facilitate communication and joint innovation. Provides a platform for security testing and verification. This hub is designed to support stakeholders from around the world. The Center has the best tools, testing environments and experts available to our partners, customers and industry colleagues. Here you can understand and test our products. And together, we can work more closely on security, verification and innovation standards. 3 points of view to conclude Before concluding my speech, I would like to take this opportunity to share my three quick views. The first thing is that we need to build capacity together. Cybersecurity threats are complex, diverse, and evolving. No organization can handle it all. From governance, standards and technology, to verification, we need to work together, combine strengths and build our collective capabilities. We also need to share knowledge, like the Security Fundamentals we’re releasing today and the 5G Network Security Knowledge Base deployed by the GSMA. The more knowledge and best practices we share, the more we can effectively enhance cybersecurity as a community. And finally, we need to form stronger alliances. That means governments, standards bodies and technology vendors need to work more closely together to develop a unified understanding of cybersecurity challenges. This must be an international effort. We need to set common goals, align responsibilities, and work together to build a trusted digital environment that meets the challenges of today and tomorrow. Once again, thank you for joining us today and thank you all for joining us online.

People make electronic medical declarations. The National Center for Technology for COVID-19 Prevention and Control has the task of acting as the focal point for coordination and coordination with agencies, organizations and enterprises participating in technical and technology-related support and cooperation to support support for the prevention of COVID-19; design, organize, build, manage, operate, monitor, ensure safety and network security for technology platforms and systems for epidemic prevention and control. The center performs unified management, centralized connection and distribution of electronic medical declaration data, domestic movement declaration data, people’s reflection data, quarantine point data and data control entry and exit of quarantine points between epidemic prevention technology systems. The Center has a flexible working structure, is not an administrative organization, does not create additional organizations and staff, besides the Director, in charge of general administration is the leader of the Informatics Department. The Ministry of Information and Communications also invites medical experts and technology experts to join the National Center for Technology for COVID-19 Prevention and Control, as core members. Reportedly, in the conclusion of the online meeting of the National Steering Committee with the provinces of Bac Ninh, Bac Giang and Ho Chi Minh City on June 2, Deputy Prime Minister Vu Duc Dam asked the Ministry of Information and Communications, the Ministry of Health, The information analysis team of the National Steering Committee coordinated and gathered businesses and experts to urgently complete applications, software and technology solutions to effectively support the task of medical declaration, managing people in isolation, tracing, managing people entering and leaving the hospital, testing and administering vaccines; complete the COVID-19 safety map tool so that localities, businesses and people can look up and participate in updating smoothly.

The Center has the task of acting as the focal point to coordinate and coordinate with agencies, organizations and enterprises to participate in technical and technology-related support and cooperation to support the prevention and control of the Covid-19 epidemic; design, build, manage, operate, monitor, ensure safety and network security for technology platforms and systems for Covid-19 prevention and control. Unified management, centralized connection and distribution of electronic medical declaration data, domestic movement declaration data, people’s reflection data, quarantine point data and access control data quarantine points between technology systems for Covid-19 prevention and control. One of the tasks of the Center is unified management, centralized connection and data distribution between technology systems for Covid-19 epidemic prevention and control. The Center is also responsible for developing or receiving new technology solutions in the prevention and control of the Covid-19 epidemic; serving the requirements of using technology to support the medical profession of the Ministry of Health; supporting technical requirements, guiding the implementation of technological measures for ministries, sectors and localities in the prevention and control of the Covid-19 epidemic. At the same time, urge the application of technology systems and platforms to prevent and control the Covid-19 epidemic as well as perform a number of other tasks as assigned by the Minister of Information and Communications. Having a flexible working structure, not an administrative organization, no additional organization or staff, besides the Director, in charge of general administration is the Deputy Director in charge of the Department of Informatization (Ministry of Information and Communications). ) also invited medical experts and technology experts to participate as the National Center for Technology for Covid-19 Prevention and Control, as core members. Specifically, the Ministry of Information and Communications invited a representative from the IT Department (Ministry of Health) to be the Deputy Director of the National Center for Technology for Covid-19 Prevention and Control. This expert is in charge of connecting between technology and health stakeholders, based on the anti-epidemic practice, proposing specific issues and requirements (head of the article) that need IT tools to support the Ministry of Health. directing the organization of building IT and software solutions to meet the set requirements. The Ministry of Information and Communications also invited Mr. Tran Dac Phu, an advisor of the Vietnam Center for Emergency Response to Public Health Events, to join the Center as a member, in charge of professional advisory work. Besides, the Center also has other core members of the Department of Telecommunication, Department of Information Security, National Center for Electronic Authentication (Ministry of Information and Communications); leading a number of businesses…as a permanent member. The National Center for Technology for Covid-19 Prevention and Control has an assistant department, a professional and technical department consisting of cadres, civil servants, public employees and employees of the following departments: Informatization, Telecommunications, Security information and digital technology enterprises in Vietnam. Depending on the job requirements, the Department of Informatics submits to the Leaders of the Ministry of Information and Communications to add core members of the Center.

(Artwork. Source: bitcoinexchangeguide.com) Ransomware attacks have been on the rise in South Korea over the past year, paralyzing hospitals and shopping malls amid the COVID-19 pandemic leading to an increase in online shopping activities. . On June 3, a large plastic surgery hospital in the south of Seoul announced on its website that its server had been attacked with ransomware and that hackers appeared to have stolen data. patient’s personal data. This is the latest in a series of recently reported ransomware attacks – a tactic used by cybercriminals to infiltrate businesses’ systems and use their data to demand ransom. ransom. According to the South Korean Ministry of Science and Information Technology, last year there were 127 ransomware attacks, a threefold increase from the previous year. Since the beginning of this year, the country has recorded 65 attacks with ransomware. Malware attacks blackmail was aimed at various businesses in Korea. Last month, food delivery company Super Hero’s operations were paralyzed for hours after an attack that affected 15,000 delivery workers nationwide. Last November, local fashion and retail group E-Land was also “inquired” by hackers, forcing 23 of the 50 branches of the NC Department Store and NewCore Outlet to suspend operations. Mr. Kim Seung-joo, Professor of Cyber ​​Security at University Korea , commented that as companies are forced to choose to increase their reliance on remote work during the pandemic, cyber attacks malicious code Blackmail has become a bigger threat because they can paralyze the entire working system. This has led to many companies paying a ransom and has led hackers to carry out more attacks. He urged businesses to invest in cybersecurity to prevent the threat in the first place. In response to ransomware attacks in the near future, last month, the Korean Ministry of Information and Communications Technology set up a 24-hour monitoring group to support hacked companies. . The government is now providing assistance to affected companies in system recovery.

The entrance to a shopping mall in Seoul, South Korea is closed after a ransomware attack. (Source: Yonhap) On June 3, a large plastic surgery hospital in the south of Seoul announced on its website that its server had been attacked with ransomware and that hackers appeared to have stolen data. patient’s personal data. This is the latest in a series of recently reported ransomware attacks – a tactic used by cybercriminals to infiltrate businesses’ systems and use their data to demand ransom. ransom. According to the Korean Ministry of Science and Information Technology, last year there were 127 ransomware attacks, a threefold increase from the previous year. Since the beginning of this year, the country has recorded 65 attacks with ransomware. Ransomware attacks have targeted various businesses in South Korea. Last month, food delivery company Super Hero’s operations were paralyzed for hours after an attack that affected 15,000 delivery workers nationwide. Last November, local retail and fashion group E-Land was also “inquired” by hackers, forcing 23 of the 50 branches of the NC Department Store and NewCore Outlet to suspend operations. Kim Seung-joo, a professor of cybersecurity at Korea University, said that in the context of companies being forced to choose to increase their reliance on remote working during the pandemic, ransomware attacks Money has become a bigger threat because they can paralyze the whole working system. This has led to many companies paying a ransom and has led hackers to carry out more attacks. Kim Seung-joo urged businesses to invest in cybersecurity to prevent the threat in the first place. In response to ransomware attacks, last month, South Korea’s Ministry of Information and Communications Technology set up a 24-hour monitoring team to assist hacked companies. The government is now providing assistance to affected companies in system recovery. (according to Yonhap)

Accordingly, the National Center for Technology for COVID-19 Prevention and Control (Center) is a flexible working structure, not an administrative organization, without creating additional organizations or staff. The Center has the task of acting as the focal point to coordinate and coordinate with agencies, organizations and enterprises in providing technical and technology-related support and cooperation to support the prevention and control of the COVID-19 epidemic; Design, build, manage, operate, monitor, ensure safety and network security for technology platforms and systems for COVID-19 prevention and control. Decided to establish the center. Photo: VT A unified management force, centralized connection and distribution of electronic medical declaration data, domestic movement declaration data, people’s reflection data, quarantine point data and control data entering and exiting quarantine points between technology systems for COVID-19 epidemic prevention and control. The center also develops or receives new technology solutions in the prevention and control of COVID-19 epidemic, serving the requirements of using technology to support the medical profession of the Ministry of Health. The Center will support technical requirements, guide organizations to deploy technological measures for ministries, sectors and localities in the prevention and control of COVID-19. Urging the implementation and application of technology systems and platforms to prevent and control the COVID-19 epidemic. In addition, the Center also performs other tasks as assigned by the Minister of Information and Communications.

Delegates to the International Economic Forum St. Petersburg for the 24th time in Saint Petersburg, Russia on June 3, 2021. Photo: AFP/VNA This is one of the discussion topics in the thematic group “Technology, open horizons”, one of the four thematic groups under the Business Program of the forum. The workshop was chaired and moderated by Mr. Andrey Bezrukov, Chairman of the Association for Export of Sovereign Technology; Professor of Applied Analysis of International Affairs, Moscow State Diplomatic Academy (MGIMO) of the Ministry of Foreign Affairs of Russia. At the beginning of the conference, President Bezrukov commented that the process of digitization is developing rapidly. However, the rapid development will raise the problem of ensuring the security of the critical information infrastructure. Therefore, it is necessary to build a reliable and secure ecosystem as the foundation for digitization. He also said that this is a long process, so businesses need to be aware of this issue in order to participate in cooperation, first within the framework of the Eurasian Economic Union (EAEU), then large corporations. of Russia such as nuclear corporation Rosatom, telecommunications corporation Rostelecom. Speaking at the discussion, General Director of cybersecurity company Kaspersky Lab, Mr. Eugene Kaspersky recalled the cyber attack on Saudi Arabia’s Aramco corporation in 2011 that halted its operations for two years. week. He also said that businesses in the banking and telecommunications sectors are frequent targets of hackers. However, Kaspersky Lab can develop software that allows to protect the system safely against these attacks, or still monitor the hacker’s access to the system. Mr. Kaspersky affirmed that the technology to deal with cyber attacks is there, but the problem lies in the need to coordinate all businesses, provide training on cybersecurity for employees and regularly check. Meanwhile, Andrey Butko, General Director of Rusatom Automated Control System company specializing in ensuring the safety of nuclear information infrastructure, said that the establishment of the system ensures safety for the market. Nuclear is a challenge. The training of nuclear emergency personnel should be supported by the government. For his part, Andrey Golov, General Director of Security Code LLC, expressed his skepticism about Russia’s ability to export cybersecurity technology to other countries. The main reason is that this is a dual-use technology and countries do not fully trust Russia’s security technology. Before the comments that Russian cybersecurity technology should first be applied within the EAEU, after success, the next step could be to export to other countries, Mr. Golov proposed the idea of ​​creating develop a technology based on which, each country can build its own information infrastructure protection system, autonomous in cyber security technology. Igor Lyapunov, vice president in charge of information security of the Russian corporation Rostelecom, also agreed with Mr. Golov when assessing that Russia’s information technology level still cannot meet the demand for technology. current news in the world. Therefore, it is not possible to impose only domestic information technology and equipment in Russia. Independent expert Dani Danone, Israel’s Permanent Representative to the United Nations for the period 2015-2020, raised the issue that the government should play a leading role in ensuring information security. Children from the time they are in high school also need to be taught about information security. He also emphasized that the information ecosystem needs to be kept safe and needs cooperation around the world Deputy Minister of Industry and Trade of the Russian Federation Vasily Shpak said that cyber security is an extremely important factor and this is a challenge for the Russian government, so it is necessary to establish Russia’s own information systems. To do this, it is necessary to look at the whole, coordinate among Russian ministries/sectors, and at the same time consider the application of new technologies such as quantum computing or artificial intelligence. Deputy Minister Shpak affirmed that this is the “Information Security Front” and must manage this issue from the top. Russia is currently in a favorable position to step by step solve the problem of information security because of its developed science and promotion of the program to replace imported goods. Since 1997, the International Economic Forum of St. Petersburg has become the world’s leading forum for members of the business community to meet and discuss key economic issues facing Russia, emerging markets and the whole world. Plans to hold the forum in 2020 have been canceled due to the COVID-19 pandemic.

And recently, he also made Facebook users happy like opening the flag in their stomach when together with friends, he formed a group called “7onez – Free support” to support problems about Facebook and other social networks. . For the purpose of serving the community’s interests, the group will have members who are experienced in Facebook security, and support to recover accounts when locked, especially problems/questions will be supported free of charge. online fees. Hieu PC’s personal Facebook post Facebook Although just established, the group has attracted nearly 6K people, with the introduction “This is a small group of 7onez used to help you improve your security and recover your Facebook, Gmail, Instagram accounts… Free of charge. Supporters will be those who are censored and selected by the 7onez administration.” So if you have problems with account security or your account is locked, just post or inbox will be answered by everyone, support to get back quite quickly and especially can avoid scam cases. Free support group

A malware attack against Commport Communications puts 1 million of Canada Post’s customers at risk of having their personal data exposed. Illustration: VNA A malware attack targeting Commport Communications, one of Canada Post’s providers, has affected 44 of Canada’s largest business customers, Canada Post, Canada’s national postal group, said. Canada Post across the country and nearly a million people are at risk of having their personal data exposed. Commport Communications operates in the field of electronic data exchange, management of shipping declaration data of large parcel delivery businesses. Commport Communications’ systems have access to information such as the names and addresses of senders and recipients when large parcels are shipped. Canada Post said the cyberattack obtained information about delivery activity between July 2016 and March 2019. According to Canada Post, 97% of the information stolen was names and addresses. This attack did not have access to financial information. Canada Post is currently working closely with Commport Communications and has invited external cybersecurity experts to fully investigate and take appropriate action. Canada Post said it proactively notified affected business customers and provided the information and support needed to help them determine next steps. At the same time, the Privacy Commissioner’s Office was notified of the incident.

Colonial Pipeline Company’s fuel tanks in Baltimore, Maryland, USA. (Photo: AFP/VNA) US Department of Homeland Security (DHS) on May 27 issued new security guidance for owners and operators of fuel pipelines. This move follows a cyber attack on the company’s fuel pipeline system Colonial Pipeline , leading to gas supply disruptions on the US East Coast this month. Homeland Security Secretary Alejandro Mayorkas said: “The recent malware attack on a major fuel pipeline shows that the cybersecurity of pipeline systems is a critical factor. pivotal to the homeland security of the United States.” Under DHS, owners and operators of fuel pipeline Key players will be required to immediately report confirmed and probable cyber-attacks to the Department of Cybersecurity and Infrastructure Security under their respective jurisdictions. DHS (CISA), and appoint a cybersecurity coordinator available 24 hours a day and 7 days a week. The issuance of the new guidance also requires fuel pipeline owners and operators to review current cybersecurity measures to detect any vulnerabilities, as well as remedial actions if necessary. there is a risk of a cyber attack. They must notify this result to the Transportation Security Administration (TSA), a unit of DHA, and CISA within 30 days. The DHS statement said TSA is considering additional mandatory measures to enhance cybersecurity to protect the US fuel system. Previously, on May 7, Colonial Pipeline announced that it was attacked by ransomware and forced to close some systems. This incident caused a large-scale supply disruption, causing thousands of gas stations on the US East Coast to fall into shortages and gasoline prices to the highest level since 2017. The US government has issued an order. state of emergency in 17 states and Washington, D.C. After more than 1 week of being affected, the Colonial Pipeline oil pipeline has returned to normal operation. Colonial Pipeline has publicly confirmed paying a ransom to restore computer networks. Meanwhile, the US Federal Bureau of Investigation (FBI) identified DarkSide as the hacker group behind the attack.

Ransomware is a type of malware that encrypts the victim’s data. Cybercriminals using ransomware also often steal data. The hackers then demanded a payment to unlock the files and promised not to leak the stolen data. In recent years, hackers have targeted victims with cyber insurance policies, and large volumes of sensitive consumer data make them more likely to pay ransoms, according to cybersecurity experts. According to the unnamed source, CNA paid the hackers about two weeks after a bunch of company data was stolen and CNA officials were locked out of its own network. CNA does not comment on the ransom, with a CNA spokesperson saying CNA followed all laws, regulations and guidelines, including OFAC’s 2020 ransomware guide, in handling the matter. CAN also shares attack intelligence and hackers’ identities with the FBI and the Treasury Department’s Office of Foreign Assets Control because facilitating ransom payments to hackers can cause punishment risk. The largest ransom amount Ransomware attacks – and payments in particular – are rarely disclosed so it’s difficult to know what the largest ransom is. The $40 million payout is larger than any previously disclosed payments to hackers. The hackers attacking CNA used malware called Phoenix Locker, a variant of ransomware called ‘Hades.’ According to cybersecurity experts, Hades was created by a Russian cybercrime organization called Evil Corp. Evil Corp. was sanctioned by the United States in 2019. However, identifying attacks can be difficult because hacking groups can share code or sell malware to each other. CNA, which provides cyber insurance, said its investigation concluded that the Phoenix hacker group was not on the US sanctions list. The disclosure of the payment is likely to draw outrage from lawmakers and regulators who are unhappy that US companies are paying large sums of money to criminal hackers who over the past year have targeted hospitals, drug manufacturers, police forces and other entities critical to public safety. The FBI discourages organizations from paying ransoms because it encourages additional attacks and does not guarantee data will be returned. Last year was a standout year for ransomware groups, with a task force made up of security experts and law enforcement agencies estimating that victims paid around $350 million in ransom last year, up 311% compared to 2019. The Task Force suggested 48 actions the Biden administration and the private sector could take to mitigate such attacks, including better regulation of money markets. digital currency used to make ransom payments. The report, prepared by the Institute for Security and Technology, was delivered to the White House days before the Colonial Pipeline Company was compromised in a ransomware attack that resulted in fuel shortages and long lines at stores. gas stations along the US East Coast Bloomberg reported that Colonial paid hackers nearly $5 million shortly after the attack. Colonial CEO Joseph Blount, in an interview with the Wall Street Journal published Wednesday, confirmed that the company paid the hackers – $4.4 million in ransom. According to two people familiar with the CNA attack, the company initially ignored the hacker’s request and attempted to recover the data without negotiating with the criminals. But within a week, the company decided to start negotiating with the hackers, who were demanding $60 million. Residents said the payment was made a week later. According to Barry Hensley, chief intelligence officer at cybersecurity firm Secureworks Corp. then the Phoenix Locker seems to be a variation of Hades based on the overlap of the code used in each. He said they have not yet identified which hackers used the Hades variant to attack CNA. Cybersecurity firm CrowdStrike Holdings Inc believes Hades was created by Evil Corp. to bypass US sanctions against the hacking group. In December 2019, the Treasury Department announced sanctions against 17 individuals and six entities associated with Evil Corp. At the time, the Treasury Department said Evil Corp used malware “to infect computers and collect login information from hundreds of banks and financial institutions in more than 40 countries, causing more than 100 million dollars of theft. “It is illegal for any U.S. company to knowingly pay a ransom to Evil Corp. According to Melissa Hathaway, President of Hathaway Global Strategies and a former cybersecurity adviser to Presidents George W. Bush and Barack Obama, demand for ransomware has grown exponentially over the past six months. Hathaway said the average hacker’s ransom demand is between $50 million and $70 million. Those claims are often negotiable, and companies often pay ransoms in the tens of millions of dollars, in part because cyber insurance policies cover some or all of the costs. Hathaway estimates that the average payout is between $10 and $15 million. Ngoc Linh – According to Insurance Journal

Illustration. The cybersecurity situation has undergone drastic changes in recent times, especially in the context of the Covid-19 epidemic and the trend of remote working. This manifests itself in large-scale and increasingly complex attacks. Hackers perform an average of 50 million password attacks per day, 579 attacks per second. AGAINST MALWARE AND RAMSOMWARE WITH DEVELOPMENT Microsoft’s telemetry results released over the weekend showed that the prevalence of malware and ransomware infections in Asia-Pacific has been increasing over the past 18 months, stretching back to before the Covid-19 pandemic. -19 outbreak to date. Specifically, in Australia it is 23%; China is 80%; India 15%; Japan 16%; New Zealand 19%, Singapore 43%, Hong Kong 38%, South Korea 22%, Malaysia 2%, Philippines 15%, Taiwan 16%, Thailand 3% and Vietnam 7%. Among them, Indonesia alone has a 24% decrease in malware infection rate. The number of cyber attacks and the number of Vietnamese IP addresses in botnets increased in March 2021 due to hackers taking advantage of the increasing demand for Internet use by users as well as people’s interest in translation information. Covid-19. During the same period, the number of ransomware infections (a subset of malware) also increased by 453% in Australia; China (463%); India (100%); Japan (541%); New Zealand (825%); Singapore (296%), Hong Kong (179%), Indonesia (31%), South Korea (64%), Malaysia (72%), Philippines (70%), Taiwan (407%), Thailand (6%) ). This figure in Vietnam is recorded at 15%. In Vietnam, in March 2021 alone, the Information Security Administration recorded 491 incidents of cyber attacks on information systems, an increase of 8.15% compared to February 2021. In which, the number of Malware attacks is 180, while Phishing and Deface attacks are 164 and 147, respectively. In the first quarter of 2021, although compared to the same period in 2020, the number of cyberattacks causing problems on information systems decreased by 20%, but from the beginning of 2021 to now, the number of cyberattack incidents has decreased by 20%. is still in an uptrend. Experts believe that the reason for the increase in the number of cyberattacks and the number of Vietnamese IP addresses in botnets in March 2021 was because hackers took advantage of users’ increasing demand for Internet use as well as the interest People’s attention to information about Covid-19 epidemic. Therefore, the number of Phishing and Malware attacks on systems has increased to cheat, destroy and steal information illegally… It can be seen that, in the context of complicated epidemic developments, when more and more organizations, businesses and individual users work remotely, work from home, they are creating an environment for bad guys to exploit vulnerabilities, Attacks, information theft, large-scale cyberattacks take place in Vietnam and around the world. ABOUT 3.5 MILLION SECURITY PROFESSIONALS IN 2021 Experts say that even as more people begin returning to the office, hybrid work is forecast to remain the norm in the future. According to Forrester, as people gradually settle into a new working model after the pandemic, we will still see an increase in the proportion of employees working remotely compared to before the pandemic, at 300%. And the current Job Trends Index report shows that 53% of respondents in Asia plan to move to a new place because they can work remotely, compared to 46 percent globally. %. That change has been demanding an urgent need for new security solutions to meet the way of working, especially when the network of organizations is no longer limited to the “office wall”. This requires a very different mindset from the traditional “network is the border” and “device protection” approaches. Organizations and businesses need to take data and authentication as the center. While there are many other ways to secure these days, addressing identity, authentication, and information management issues is still critical. Experts have pointed out 4 main pillars to protect users against new work era cyber threats, including: identity protection, Zero Trust mindset, cloud application, and resource investment. security personnel. The network of organizations is no longer limited to the “office wall”. This requires a very different mindset from the traditional “network is the border” and “device protection” approaches. As recent attacks have shown, identity will be the “battlefield” for future attacks. Microsoft Vice President of Security, Compliance, and Identity Vasu Jakkal said that, in a world where identity is the new battleground, adopting a Zero Trust strategy has become a must for businesses. Karma. The hybrid workplace is virtually borderless, so it’s important to establish protective “barriers” around identities and devices. As part of his journey to building a Zero Trust mindset, the expert emphasized that “passwordless authentication will be the trend of the future and that transformation will be seen this year”. Besides the application of technology, experts also emphasize the special importance of people and skills in ensuring information security of each business organization. However, the lack of security professionals and the lack of diversity in security teams are two weaknesses that attackers will find to hit next year, the expert said. It is estimated that the information security industry will be short of about 3.5 million security professionals this year.

First, US President Biden announced $20 billion in funding to modernize the energy system and address digital security breaches. Other international and regional companies around the world also come up with their own strategies to mitigate this threat. Saudi Arabia’s oil giant Aramco, Siemens Energy and the World Economic Forum (WEF) have announced they will be releasing a joint report on cyber resilience in the oil and gas industry. The report will establish a blueprint for assessing how best to manage the various risks and threats associated with cyberattacks. The report brings together the experiences of 40 energy experts, who will provide their experience and expertise to outline some of the key cyber threats facing the industry and how best to mitigate those. this threat to improve energy security worldwide. The report comes after years of the oil and gas industry suffering from digital security breaches not only in the United States, which saw the Colonial Pipeline attack this month and a hack in February 2020 for a compressed air facility that caused a two-day power outage. Other oil and gas facilities around the world have also suffered similar losses. In 2012, Saudi Arabia experienced a cyber attack that resulted in more than 30,000 computers being hacked. In addition to this report, Siemens also announced a partnership with US software company ServiceNow to establish a unified software to monitor, detect, and respond to cyberthreats targeting power infrastructure. important amount. Siemens Energy’s artificial intelligence (AI)-based software combined with ServiceNow’s Operations Technology Management system exposes cyber threats for analysts to assess and prioritize early response. Leo Simonovich, Vice President and Global Head of Industrial Networks at Siemens Energy said of the report: “Digitalization is empowering the oil and gas sector to be more efficient, flexible and reliable – but it also opens up many new vulnerabilities for cyberattacks. More than ever, cybersecurity must be at the core of companies’ business and operating models, especially in the oil and gas industry. Effective defenses depend on robust monitoring and detection – which means companies cannot act alone. Coordination and alignment are very important; This latest book, based on insights from leaders in the oil and gas sector, reflects these efforts. ” “Most energy companies grapple with complex technological and economic challenges associated with monitoring, detecting, and preventing cyberattacks on critical infrastructure,” emphasized Leo Simonovich. important. Our MDR, powered by the Eos.ii solution, is the first AI-based platform built to provide visibility and context across the energy industry’s entire digital operating environment. to promptly prevent attacks”. This is one of the ways the oil and gas industry is using AI and other innovative technologies to improve security and monitoring and evaluation operations across multiple sectors. As the United States ramps up its game in cybersecurity, the rest of the world has taken note of this recent attack and is responding at the international level to ensure that energy security is not compromised. development is synchronized with the digitization of the energy system. Establishing and regulating cybersecurity practices across the industry enhances the collective recovery efforts of oil and gas companies, presenting a united front against cybercrime and security threats other importance.

The US has opened an investigation into this cyber attack. Ransomware is a type of malware designed to lock down a system by encrypting data and demanding a ransom from the victim to regain access. Colonial Pipeline asked a cybersecurity company to coordinate with federal law enforcement agencies to investigate this cyberattack. President Joe Biden was briefed on the incident. The White House said Washington will work to help the Colonial Pipeline resume the interrupted fuel supply. This is considered the largest cyber attack on the US energy system Colonial Pipeline is providing nearly half of the fuel for the US east coast. This is considered one of the largest ransomware attacks ever recorded against US energy infrastructure. The shutdown of the largest fuel pipeline network in the United States will cause the price of this item and related products to spike. Colonial Pipeline transports 2.5 million barrels of gasoline and other fuels per day through 8,850 kilometers of pipeline connecting Gulf Coast refineries to the eastern and southern United States. The company also supplies fuel to several major US airports, including Hartsfield Jackson Airport in Atlanta, which has the world’s largest passenger traffic.

Colonial Pipeline transports 2.5 million barrels of fuel per day. Photo: Colonial Pipeline According to the BBC, the state of emergency allows fuel to be transported by road. The news agency quoted experts as saying that fuel prices could increase by 2-3% on May 10, but the real impact would be much worse if this situation continued for longer. Many sources confirm that the malicious code attack is caused by a cybercriminal gang called DarkSide, which infiltrated Colonial’s system on May 6 and stole nearly 100GB of data as a “hostage”. After taking over the data, the group of hackers locked this data on some computers and servers, demanded a ransom and warned that if they did not receive the money, they would release the data on the internet. Colonial is working with law enforcement, cybersecurity and the US Department of Energy to restore service. On the evening of May 9, the company announced that although the four main pipelines continued to stop, some smaller lines between the terminals and delivery points were still operating. “Immediately after learning of the attack, Colonial proactively shut down certain systems to stop the threat. These actions temporarily halted all pipeline operations and affected some systems. our information technology system, which we are actively working on restoring,” said Colonial. “We are in the process of restoring service to other pipelines and will bring the entire system back online when we believe it is safe and in full compliance with all federal regulations. “. The DarkSide message appears on the victim’s computer screen. DarkSide isn’t the largest cybercriminal gang in the field, but the incident demonstrates the heightened risk that malware poses to critical U.S. industrial infrastructure, not just businesses. This gang lists all types of stolen data and sends the victim the URL of the “personal leak site”, where the data is pre-loaded waiting for automatic publication, if the company or organization does not. payment before the deadline. DarkSide claims to provide proof of the data obtained, and is ready to delete all such data from the victim’s network. According to Digital Shadows, a London-based cybersecurity company that tracks global cybercrime groups to help businesses limit their risk of being hacked, DarkSide acts like a company.

According to the Vice , DarkSide’s message does not directly refer to the Colonial Pipeline attack, but is titled “Regarding the Latest News”. The group said its actions were unrelated to politics. The cyber attack on May 7 caused the Colonial Pipeline’s fuel pipeline system to stop working. Photo: Bloomberg. “We are a non-political group, not involved in geopolitics. Don’t tie us to a government or look for other motives… Our aim is to make money, not to cause problems for society,” a DarkSide representative wrote on a website belonging to the dark web. According to the Washington Post , some US officials believe that DarkSide is the hacker group behind the Colonial Pipeline attack. Also in the new statement, DarkSide said it will change the way it works and selects targets. “From today, we will examine and analyze each company that partners want to encrypt to avoid social consequences,” the group wrote. On May 7, Colonial Pipeline announced that it had to disconnect some systems after discovering it was “a victim of a cyber attack”. According to the Business Insider , this move caused more than 8,046 km of fuel pipes and some computer systems of Colonial Pipeline to stop working. In an updated statement on May 8, the company representative confirmed that the software used for the attack was in the form of ransomware, which encrypts files in the system and requires victims to pay if they want to get it. again. The company hired a cybersecurity firm to investigate the severity of the attack. The DarkSide hacker group spoke out after the alleged implementation of a cyber attack against the Colonial Pipeline. Photo: Motherboard. According to information on its website, Colonial Pipeline transports about 45% of all fuel consumed on the East Coast of the United States. On May 9, the company said that while the main pipelines are still closed, some smaller pipelines have been reactivated. In response to the incident, the US Department of Transportation has declared a state of emergency in 17 states and Washington to lift restrictions on carriers and drivers assisting in fuel shortages. The declaration of emergency will be in effect until the end of the state of affairs, or until 23:59 on June 8 (local time). After the Colonial Pipeline incident, gasoline prices in the US increased more than 3% to $2,217 per gallon – the highest price since May 2018. Experts warn that the price of gas raw materials may increase further if Colonial Pipeline does not reopen the pipeline in the next few days. How did the FBI hack the suspect’s iPhone? Cellebrite has invented a phone-cracking technology that makes it easier for the FBI to investigate.

Colonial Pipeline’s Dorsey hub in Maryland, USA. Photo: Reuters The difficulty in fuel supply has raised concerns that gasoline prices at pumping stations will escalate during the peak summer travel season. Colonial Pipeline said the company is trying to resume operations this weekend after its fuel pipeline system was paralyzed since May 7 after being hit by a cyber attack. The shutdown of the Colonial Pipeline’s fuel pipeline system shut down nearly half of the US East Coast’s fuel supply. The US Energy Administration on May 10 called for mandatory cybersecurity standards for fuel pipeline operators and operators. “Incentivizing the voluntary application of standards to pipelines is inadequate,” said US Federal Energy Regulatory Commission Chairman Richard Glick. The US Federal Bureau of Investigation (FBI) has accused a cybercriminal group called “DarkSide” of causing a ransomware attack on Colonial Pipeline. Reuters news agency quoted cybersecurity experts as saying that DarkSide is based in Russia or Eastern Europe, so the gang usually avoids targeting computers that use the languages ​​of the former Soviet republics. However, US President Joe Biden on May 10 expressed he did not believe that the Russian government was behind the cyber attack on the Colonial Pipeline. “So far there is no evidence based on our intelligence that Russia is involved,” Biden said. A statement titled DarkSide group on May 10 stated: “Our goal is to make money and not create problems for society.” Ransomware attack is a type of malware designed to disable computers by encrypting data and blackmailing victims if they want to regain system access. It is not clear what price the hackers offered for Colonial Pipeline, and the company has not commented on the matter. Fuel demand in the southeastern United States has increased sharply in recent days as consumers fear fuel shortages. The Southeastern region of the United States has long depended mainly on the supply of fuel flowing through the Colonial Pipeline’s pipeline system. The average national gasoline price rose 6 cents to $2.96 a gallon last week, the highest since May 2018 and close to a peak set in 2014, the American Automobile Association said. also warned of speculation about fuel hoarding as the supply continued to decrease. Katina Willey, a resident of Florida on May 10, said she had to go to 5 gas stations to buy gas. “Consumers have to wait in long lines at three of the five gas stations I go to,” added Katina Willey. Many other car owners said they were also looking to refill their gas tanks out of fear that the fuel situation could worsen. If the Colonial Pipeline’s pipeline disruptions continue, fuel suppliers may be able to force fuel transportation by trucks and trains to partially ease the fuel shortage. The US Department of Transportation on May 9 lifted travel restrictions for fuel truck drivers in 17 states affected by supply disruptions.

Illustration. The breach at Alpharetta, Georgia-based Colonial Pipeline is the latest in a series of cybersecurity incidents confronting the administration of President Joe Biden – as well as a striking reminder that many companies Operators of the nation’s most basic infrastructure, from dams to power plants, are still unprepared to deal with the threats posed by toxic numbers. Here’s a summary of how a criminal gang managed to get into Colonial’s systems and why the tool they use – ransomware – is such a persistent threat. How can a hacker shut down a pipeline? On May 7, Colonial Pipeline said it learned that hackers had infected their computer networks with ransomware, malicious code used to take control of computers and extract payments from victims. The breach affected Colonial’s business network, which it uses for tasks like payroll management and data reporting to regulators. Colonial disabled those systems, but it also turned off the much more sensitive technology running its pipeline operations — a precaution meant to prevent hackers from accessing it if they hadn’t already. These systems monitor air flow for impurities and leaks, control power levels, and perform other automated tasks to keep pipelines running smoothly. What exactly was closed? Colonial shut down its entire main pipeline, more than 5,500 miles long from Houston, Texas, to Linden, New Jersey. The pipeline transports 45% of gasoline, jet fuel and diesel to the US East Coast, according to the company. The short-lived outage sent wholesale gas prices up on financial markets in the affected region, but that rally cooled slightly during trading on May 10. And while some gasoline retailers may try to add a few cents a gallon to the price at the pump, there have been no reports of shortages at suppliers serving those retail points. Market analysts say the pipeline shutdown will need to last through at least the middle of the week to start affecting supply in some parts of the Southeast, and Houston’s refineries won’t start. reduce production unless Colonial shuts down until next week. Overall, the US is stockpiling 235 million barrels of gasoline, enough to supply the whole country for nearly a month. However, retail gasoline prices have risen steadily in recent weeks and any anxiety could accelerate gains as the country approaches Memorial Day weekend, which the industry considers is the beginning of the “summer driving season” in high demand. How bad could this be? It depends on whether the outage turns into a protracted crisis for Colonial’s customers, which include busy airports and US military bases. Some customers can buy fuel from foreign suppliers, but they will face more financial pressure as Colonial’s pipeline network remains offline. Colonial said on May 10 that it has begun reactivating segments of the pipeline and anticipates “significantly restoring operational service by the end of the week”. However, they did not explain what “basically” means and did provide some other details about the attack investigation. What is Ransomware? Ransomware is software that hackers deploy to lock down victims’ data so they can’t access or use it – in the worst case scenario, essentially shutting down an entire company or government office. The hacker then demands a ransom in exchange for providing a digital key to unlock the files. Over the past few years, ransomware has grown from an occasional nuisance to a ubiquitous threat. Victims include the hospital system, the school district and the DC police department, as well as many small businesses. According to the FBI report, ransomware attacks increased by 37% from 2018-2019 and 20% from 2019-2020. According to one report, the pandemic has led to a significant increase in ransomware, with the number of attacks Attacks more than doubled year-on-year, with a particularly large increase in the healthcare sector. The Department of Justice recently launched a task force to explore new solutions to the problem. But in the meantime, the problem continues to get worse as criminal motives grow. Why aren’t pipelines and power plants better protected against ransomware? The private companies that operate much of America’s critical infrastructure — power plants, dams, natural gas pipelines, and other critical facilities — often neglect to implement safety protocols. government-recommended cybersecurity. While protecting against foreign government hackers sometimes requires complex technology that small critical infrastructure operators cannot afford, protecting against ransomware is are not. Use strong passwords, train employees not to click on suspicious links, and require employees to use multi-factor authentication – which involves entering a randomly generated number after entering one’s password – can prevent all but the most advanced types of hacks, including ransomware. Despite years of warnings from government officials and cybersecurity experts, most companies outside of the highly regulated financial sector have not taken many of these steps. And even organizations that try to take cybersecurity seriously can be covered by small holes. A long-neglected office worker or old computer in a closet is often the weak link that opens an organization’s doors to hackers. With so many companies leaving themselves with easy targets, many cybercriminals have started using ransomware to make money. By choosing victims they know there can be no downtime, these criminals virtually guarantee themselves an easy profit. Additionally, many ransomware operators have begun exploiting a secondary source of profit: reselling stolen data on the dark web, where sensitive personal information can fetch huge sums. Between victims and hackers is a burgeoning crypto ecosystem, consisting of unscrupulous payment facilitators ready to handle ransom transactions and rock wall law enforcement. How often do victims pay the ransom? The US government discourages ransomware victims from paying attackers to regain access to their data. While some ransomware operators honor their agreements and unlock victims’ files to foster trust and increase their chances of receiving a future ransom, many of these criminals simply take the money and disappear. Paying the ransom also encourages cybercriminals to continue their attacks. Anne Neuberger, deputy national security adviser for cyber and emerging technologies, said: “We recognize that victims of cyberattacks often face very difficult situations and they must balance the cost-benefit when there is no other option about paying the ransom,” – told reporters on May 10 In the US, it is not illegal to pay a ransom to regain access to locked data. However, it is illegal to pay ransoms to entities on the Treasury’s sanctions list, and the Treasury Department has warned companies that assist ransomware victims to conduct due diligence on hackers. before making payment arrangements. DarkSide, what is the group behind the attack? The FBI has confirmed that the Colonial Pipeline hack was the work of the DarkSide ransomware gang. This group is a relatively newcomer to the ransomware ecosystem, but they are already well known for their professionalism, patience, and large ransom demand. Security firm Cybereason wrote in a report last month: “The team has a phone number and even a help desk to facilitate negotiations with the victim, and they are putting a lot of effort into gathering information. about their victims – not just technical information about their environment, but more general information about the company itself, like the size of the organization and estimated revenue.” DarkSide is based in Russia, but so far the US has said it does not believe the hackers acted on behalf of the government of Russian President Vladimir Putin. Mr. Biden said on the afternoon of May 10: “To date, there is no evidence … from our intelligence people that Russia is involved. However, he added: “There is evidence that the actor’s ransomware is in Russia. They have some responsibility to deal with this.” Like other ransomware gangs, DarkSide operates on a so-called “ransomware-as-a-service” model, in which it provides code to less sophisticated hackers and helps them carry out attacks enter in exchange for their share of the profits. After being closely watched by the Colonial Pipeline attack, DarkSide seems to be rethinking this model. On May 10, a purported statement from the DarkSide hackers announced the group’s intention to scrutinize the partners’ planned attacks in the future to “avoid social consequences.” festival”. “Our goal is to make money, and not create problems for society.” What is the US government doing with this attack? The White House has established a working group that includes the Department of Homeland Security’s Cybersecurity and Infrastructure Agency; The Department of Transport’s Pipeline and Hazardous Materials Safety Administration; FBI; and the Departments of Energy, Treasury and Defense. These agencies are working together to prepare for various scenarios should the pipeline remain shut, including planning for shortages and higher gas prices. In addition, the Department of Transportation waives regulations that limit the driving time without rest of fuel trucks in 17 states and Washington DC. That could make it easier to deliver to customers due to Colonial’s closure.

Illustration. https://tinhtexaydung.petrotimes.vn The attack resulted in higher gas prices, causing drivers to worry about shortages, while Colonial Pipeline Co. is working to restart the fuel line. However, the price of gasoline sold at pumping stations is higher and the possibility of fuel supply shortage is inevitable. After all, it is only temporary and its effects will be fleeting. But there’s a bigger problem: this has to do with America’s energy infrastructure, exactly how secure is its cybersecurity infrastructure? Experts soon said: The team that carried out this attack consisted of seasoned hackers. Later, a ransomware group called DarkSide claimed responsibility for the attack, and the FBI also pointed to this group as the culprit. Here’s what DarkSide said in its statement: “We are apolitical, we do not engage in geopolitics, do not need to tie us to a defined government, and seek our motives. . Our goal is to make money, and not create any other problems for society. Starting today, we’re introducing censorship and vetting of each company that our partners want to encrypt to avoid future social consequences.” The statement was clearly intended to address allegations made that Russia was behind the attack, but even the White House was careful not to point the finger at Moscow. President Biden said there was no evidence that they were involved in the attack. That’s related to geopolitical motives, but the statement also suggests that DarkSide and its partners won’t stop, even if they don’t intentionally cause problems. “Colonial may be at risk of leaking consignor confidential data,” said Vicki Knott, CEO of CruxOCM, a provider of control room operations services to the oil and gas industry. https://tinhtexaydung.petrotimes.vn

Illustration. https://kinhtexaydung.petrotimes.vn The action comes as Colonial Pipeline continues to face a ransomware attack that crippled the pipeline system, leading to widespread fuel shortages along the East Coast, prompting the Biden administration to take notice. get “the response of the whole government”. The Colonial Pipeline hack is just the latest example of criminal groups or state actors exploiting US cyber vulnerabilities. Last year, IT company SolarWinds’ software was breached, giving hackers access to communications and data within several government agencies. “We simply cannot let waiting for trouble next thing that happens is the status quo we are operating in,” an official told reporters during a conference call on the evening of May 12. Biden’s executive order takes several steps to modernize the nation’s cybersecurity: Require information technology service providers to notify the government of cybersecurity breaches that may affect U.S. networks and remove certain contractual barriers that may prevent providers from doing so. provide violations. Create a standardized guidebook and set of definitions for federal responses to cyber incidents. Push the federal government to upgrade to secure cloud services and other network infrastructure, and mandate multi-factor authentication and encryption for a specific period of time. Improve the security of software sold to the government, by requiring developers to publicly share certain confidential data. Establish a “Cybersecurity Review Board” composed of public and private sector officials, which may convene after cyber attacks to analyze the situation and make recommendations. Improve information sharing within the federal government by enacting a government-wide endpoint detection and response system. News of the President’s action came about an hour after Colonial announced it had restarted pipeline operations, although it would take several days for fuel deliveries to return to normal. “Colonial will move as much gasoline, diesel and jet fuel as possible and will continue to do so until the market returns to normal,” the statement also thanked the Biden administration “for its leadership and their cooperation”. https://kinhtexaydung.petrotimes.vn

Fake news is quickly discovered and handled 2 Fanpage: “Hai Phong” (Page.HaiPhong) and “An Lao 24h” have posted false information about the situation and evolution of the COVID-19 epidemic. Photo: VNA broadcast Over the past days, consecutive subjects who have given false information and false information have been strictly dealt with by the authorities, the right person, the correct one. Typically, on May 10, the Hanoi City Police coordinated with the Department of Information and Communications (Hanoi) to fine 12.5 million VND and requested to remove the article for Mr. TVD (born 1982, residing in Hoang Mai district, Hanoi) for the act of using a Facebook account named “Hà Nội phố” to post the news “Hanoi city is airy on the first day of blockade” with a video about Hanoi street experience on 4 / 5/2021. On May 7, the Department of Cyber ​​Security and High-Tech Crime Prevention (Nghe An Police) fined two cases of posting false information about COVID-19 translation on the personal Facebook page. That is Mr. P.Đ.L. (born in 1950, living in Nghi Phu commune, Vinh city) and NTH (born 1987, living in Hung Binh ward, Vinh city). Accordingly, on the afternoon of May 6, Mr. L. and Ms. H. posted on their personal Facebook page the photo of the test result answer sheet of the Center for Disease Control in Nghe An province was edited. This false information quickly spread on social networks, causing public confusion. On May 6, Inspector of the Department of Information and Communications of Thua Thien – Hue province coordinated with the Provincial Police Department to sanction the administrator of the Thua Thien – Hue fanpage Le Quang H. (27 years old, living in the city Hue) 5 million VND on the act of posting information about SARS-CoV-2 infections without a specific location or address, clearly causing confusion for the community … This is not the first time that fake news about translation of COVID-19 has surfaced. According to statistics of the Department of Radio, Television and Electronic Information (Ministry of Information and Communications), by 2020, the competent forces have handled more than 1,000 cases of violations on social networks regarding false information, fabricated about the COVID-19 epidemic in Vietnam. Since the COVID-19 epidemic broke out again in Vietnam, dozens of subjects have been summoned and administratively sanctioned by functional forces for their abuse of the epidemic to attack and defame organizations and individuals. multiply; serve the purpose of sentences like to sell online … Along with the political system of the country trying to zoning off epidemic, the information technology industry also strives to detect and prevent false information, believe it or not. exactly. The fight against fake news and bad news is increasingly strengthened by new technology solutions. Within a few days, the subjects who spread false information, fabricated about the COVID-19 epidemic were quickly exposed and properly sanctioned. Be alert in filtering information Vietnam is one of the top 10 countries in the world in terms of social media users, with nearly 64 million Facebook accounts and nearly 35 million YouTube accounts. With such a large number of users on social networks, in addition to those who intentionally spread fake news to cause social disturbances, there are many people who accidentally share false information or false information. The functional force took testimony of the object whose Fanpage brought false content about the situation and developments of the COVID-19 epidemic. Photo: VNA broadcast In order to prevent fake information, the Vietnam Counterfeit Information Processing Center recommends that people pay attention and carefully check the following factors: review the source (quickly check the website to see if the contact information is clear. obviously not); Illustrative information (check the illustrations, images, links to see if the information is really helpful or for any other purpose); prejudice trap (consider whether or not you are biased or prejudiced against someone not); news or a joke (be alert, distinguish between the real news, what is the joke of the netizens); author check (quick check to see if the article’s author is trustworthy); check the time (be careful with the old news being posted back, not sure if they are related to the current event); read in its entirety (the title can be headlined to attract readers); Consult an expert (consult an expert or reliable sources). Accordingly, people need to check the source, see which source the information comes from, if it comes from a stranger, the information is not clear, so be alert. When detecting fake news, people need to notify the Vietnam Counterfeit Information Processing Center through the website: http://tingia.gov.vn; email: online.abei@mic.gov.vn; phone number 18008108. Currently, the COVID-19 epidemic is complicated, the authorities also pay attention to the people, besides protecting their health, their family, they need to be calm and alert in screening. believe, equip themselves with legal and social knowledge and clearly identify distorted and fake information. In addition, people need to choose information posted and shared from social networking sites, so they should access mainstream information; not participate in posting, sharing or commenting on untruthful information, offensive images, contrary to the fine customs and culture of the nation or defaming or defaming the honor of organizations and individuals; information contrary to the Party’s viewpoint, the State’s laws and policies, activities in violation of the law or information of unknown origin, the accuracy of the information has not been determined; promoting positive and meaningful information in life; At the same time, to fight, criticize and condemn wrongdoings on social networks … Each citizen is an important part of once again successfully controlling the COVID-19 pandemic. Each person needs to say “no” to fake news, false information, become a part of the “shield” against harmful information flows, together, unanimously agree with the authorities to soon repel the epidemic.

The Colonia company had to shut down the fuel pipeline after a cyber attack. Photo: AP. Leading American fuel pipeline company Colonial shut down its entire network that supplies nearly half of the fuel to the US East Coast, following a May 8 ransomware ransomware attack. Every day, the Colonial company ships 2.5 million barrels of gasoline, diesel, jet fuel and other products through a 850-kilometer pipeline connecting the eastern and southern coasts of the United States. The company has shut down systems to stop the threat after learning about the attack. According to sources, hackers are most likely a highly professional cybercrime group. And the malware used in the attack is ransomware. Ransomware is a type of malware designed to lock systems by encrypting data and taps money to regain access. This malware has become popular in the past 5 years. The Colonial Company has invited a third-party cybersecurity company to conduct an investigation and contacted law enforcement and other federal agencies to initiate an investigation. Colonial provided no further details or said how long their fuel lines would be closed. “Cyber ​​vulnerabilities have become a systemic issue,” said Ms. Algirde Pipikaite, Head of Network Strategies at the World Economic Forum’s Cyber ​​Security Center. Without measures to protect cybersecurity, attacks are occurring more often on industrial systems such as oil and gas pipelines or water treatment plants. In 2017, Colonial shut down its gas distillation and production lines during Hurricane Harvey that hit the Gulf Coast. That contributes to tight supply and price increases in gasoline in the US.

Colonial Pipeline America’s largest fuel pipeline system was attacked by network, has not yet assessed the damage. (Source: Freightwaves) To deal with the incident, the company had to close the entire network. Colonial Pipeline said the attack “suspended all pipeline operations and affected some of our IT systems”. Sources in cybersecurity revealed that the malware used in the Colonial Pipeline attack was ransomware – a type of malware designed to block systems with how to encrypt data and request a ransom payment to restore access. The Colonial transports gasoline, diesel, jet fuel and other refined products from the Gulf of Texas to the populous US East Coast via a 8,850 km pipeline, serving 50 million customers. Oil analyst Andy Lipow said that the impact of the attack on supply and fuel prices will depend on how long the pipeline is down. If the line stops working for a day or two, the impact will be minor. However, if the pipeline is forced to shut down for 5 or 6, shortages or price increases will occur, especially in the area stretching from Alabama to Washington DC. (According to AFP, Reuters)

Experts say that in each attack, typically hackers will attack networks or systems, steal personal or sensitive information and then demand ransom to return or unlock them. that information. Although experts say that companies should not pay a ransom to hackers because this action helps to foster legal violations, according to Mimecast statistics, 54% of the companies have paid the ransom. Of these, 76% of the companies got their data back, while 24% couldn’t get it back. Prior to this report, since last year, many entities including major Australian companies have reported being attacked by hackers. The recent victim is Nine Network Television, which makes some programs unable to broadcast as usual. Previously, the Australian National Assembly’s computer network was also attacked a number of times. In response to this situation, Australia’s Cybersecurity Center issued recommendations and procedures to instruct entities on how to secure cyber security. At the same time, experts believe that regular software updates as well as the use of multi-factor authentication are also useful measures for security in a cyberspace environment./.

On the KrebsOnSecurity blog, cybersecurity expert Brian Krebs issued a warning about the leaked data, including the application user’s email address, phone number, license plate number, customer birth date, and email address. and password. (Photo: Seacoast Online) Information about the data breach was first discovered by the threat intelligence firm Gemini Advisory based in New York City (USA). “Gemini Advisory shared an image showing that my personal data was publicly available on a crime forum, including my ParkMobile account information in screenshots, along with information about the data. stolen. The data contains email addresses and phone numbers, as well as license plates for four different vehicles that I have used in the past 10 years, ”said cybersecurity expert Brian Krebs. (Photo: ParkMobile) On March 26, ParkMobile notified users that they had discovered “a cybersecurity incident related to a vulnerability in the third party software we use.” “We immediately launched an investigation with the assistance of a leading cybersecurity company to resolve the incident. We have also notified the appropriate law enforcement authorities. The investigation is still ongoing and we cannot provide details at this time, “said ParkMobile. (Photo: ParkMobile) According to ParkMobile, no user’s credit card information was stolen. “Our investigation indicated that no sensitive data or credit card information that we encrypted, was affected. We will continue to maintain the security and monitor our systems closely, ”the statement said. According to cybersecurity expert Brian Krebs, if you are already using ParkMobile, quickly change your password. (Artwork: Shutterstock) In the event that this password is used by you with other accounts as well, you should change everything to limit the likelihood of an attack, although it may take a while to complete.