VietNamNet Bridge – ESET, an internet security firm, has discovered an intentional cyberattack against the Ministry of Natural Resources and the Environment (MONRE). Top confidential documents, it warns, may have been stolen by attackers.
ESET’s experts said that the stolen data could include information about the economy and national strategies, especially maps and the research works relating to the East Sea.
Welivesecurity.com has quoted ESET’s report as saying ESET found the method hackers used to attack MONRE’s system. MONRE’s officers received emails in the personal email accounts with attached files, which were the Microsoft Word fileslaced with malware. The webmail accounts of the officers did not allow them to use a “preview” feature to view the Word documents, which does not pose a malware risk. Instead, the officers had to download the files to their work computers. Upon opening the files, the computers became infected.
When opening the Microsoft Word files, they saw that the files were inserted with the malware,which was able to exploit holes with an executive file named “payload.exe”.
ESET’s experts have found that the malware used for the attack campaign was created on April 24, 2014.
The destructive files cannot affect computers running on Windows XP or previous versions of Windows. However, they can do harm to computers running on Windows Vista or later versions of Windows. This is a kind of backdoor controlled by the Windows CC (Command and Control Server).
ESET did not reveal the culprits and the time the hackers conducted the attack. However, its security experts have expressed their worries that top secret information might have been stolen by the attackers.
They said that as East Sea issues attractheightened attention from the world, Vietnamese information about the area could become a major interest of many nations and regional corporations.
Nguyen Huu Chinh, Head of the Information Technology Agency of MONRE, on Monday confirmed that the ministry’s database was hacked and that the ministry is working to fix the problem.“Some attacks occurred in the past and we later settled the problems,” he said.
Internet security experts have recently warned about an increase in intentional attacks targeting state agencies. The attack on MONRE is evidence that hackers are “taking actions”, not just making threats.
Nguyen Minh Duc, a well-known security expert of FPT, the largest technology group in Vietnam, said the practice of spreading spyware hidden in document files may have been in effect for a long time already. This means that many computers have been infected with malware and many documents might have been stolen.
Duc has urged state agencies to install their systems with protective shields and “examine” the most important computers which keep confidential documents.
Nevertheless, state agencies have not been aware of the importance of the information existing in their systems and they still ignore warnings by the experts.
Ngo Tuan Anh, Vice President of BKAV, a big internet security solution provider, also said that BKAV has found a lot of similar attacks against Vietnamese agencies over the last year.
“Hackers still can use the same means of attacking the computers at state agencies, as computer users still don’t think they need to update Microsoft’s patch versions,” he said.
Buu Dien