QTS_Unit 4_Question 3


In my opinion, future cyber attacks will take many different forms. Hackers will take advantage of every loophole and hole in the networks of individuals and organizations to try to steal information about personal accounts, sensitive images, copyrights of works, confidential national information, etc., in the following forms:

  1. Targeted attacks on software supply chains

Hackers will focus their attacks on software supply chains, targeting companies through their vendors. This means that the more complex a business's supply chain is, the more vulnerable the business is to attack. Such attacks leave heavy consequences for businesses, such as disturbing and disrupting business activities, leaking information, affecting revenue and brand reputation, and losing investment opportunities.

  2. Targeting 5G is a criminal trend among hackers

The 5G network is being tested in many countries, so the security world has so far only come up with 5G attack scenarios. However, as this technology becomes more widely adopted, hackers can take advantage of it and create threats with unprecedented speed and scale.

5G, with its low latency and fast transmission, will open a new era for IoT. Millions of devices can be combined to operate homes, industrial parks, and smart cities. But hackers only need to take advantage of one device to infiltrate the whole system and proceed to steal data and take control.

It is predicted that smart devices will no longer be the target of hacker attacks, but will instead become a path for deeper attacks. Currently, many people are tricked into transferring money when they download files or click on links containing malicious code. With 5G, their daily habits can be monitored and their financial information revealed, making online scams more successful.

  3. Hackers continue to target IoT devices

In Vietnam, Internet of Things (IoT) equipment is a potential market that attracts many large investors. IoT is developing comprehensively, with a complex and multi-tiered structure. Therefore, unauthorized IoT breaches will still take place without users knowing.

IoT generates a huge, unlimited amount of data thanks to sensors mounted on parts of machines, security camera systems, smartphones, smart homes, smart cities, etc. Companies use this data for advertising and marketing, so it is vulnerable to cybercriminals who hack into accounts and extort money.

IoT is developing rapidly and widely, but the issue of information security has not been paid much attention. This makes IoT lucrative prey for cybercriminals. All tiers have potential vulnerabilities that hackers can take advantage of to commit crimes.

  4. Hackers target industrial control systems

An industrial control system (ICS) is a collection of technical means, software, and people that control the technological processes of production at industrial facilities. The common feature of ICS attacks is that they are highly complex, well prepared, and go through many stages, with serious consequences. The reason is that an ICS has a complex structure and features that are vastly different from conventional IT systems.

ICS are gradually becoming popular and play an important role for countries. It is predicted that ICS will be the main attack trend for APT groups in 2021. These systems have been attacked by hackers in recent years, notably in the attacks on the Iranian nuclear facility, the Ukrainian power grid and a German chemical plant.

  5. Cyber attack prevention mostly relies on artificial intelligence (AI)

Artificial Intelligence (AI) has brought applied machine learning technology to all areas including cybersecurity. Experts have used advanced algorithms to recognize faces, process language and detect threats. However, thanks to AI, it is easier for hackers to develop malicious code and commit more sophisticated crimes. This requires organizations and businesses to have more advanced system security solutions.

The development of AI is key to the prevention of cyber attacks. In the future, cyber attacks will happen within a split second, and the task of advanced AI technology is to detect, predict and resist these attacks. Humans must be equipped with enough information not only to resist but also to predict attacks for effective prevention.

  6. Secure Cloud Computing

Cloud computing is increasingly popular and has become lucrative prey for hackers.

Securing the cloud will be a big focus for organizations in the coming year. The use of cloud computing is an inevitable trend in the era of digital transformation, as the 4.0 technology shift of businesses is taking place strongly. However, this can also create opportunities for hackers to attack through security errors and misconfigurations. DDoS attacks will focus more on the cloud, along with security and privacy issues. This will be a big challenge for businesses using cloud computing technology.

With the complicated development of the Covid-19 epidemic, experts predict that online phishing attacks will become more complex and increase in both quantity and method. Even if Covid-19 is brought under control, security threats related to Covid-19 will still be present for a long time. Cybercriminals will take advantage of information related to vaccines and to the response of government organizations to carry out cyber attacks.

  7. The strong development of ransomware will be a lucrative bait for hackers

Ransomware will still be the main attack method of hackers in 2021. Cybercriminals will continue to steal data before it is encrypted. This will be a big challenge for the medical and healthcare industry, as hackers can steal patient records and blackmail patients by threatening to reveal their medical history. These attacks can have severe consequences in 2021.

As hackers develop monetization models, they will target many different industries and become extremely bold. Experts predict that targeted attacks on previously low-risk organizations such as government, financial services, healthcare, education and energy will take place more often in the coming period.

  8. Set of network security solutions: Network Security

To prevent and stop cyber attacks taking place in 2021 and the coming years, Network Security will be the web security solution that you need to pay attention to. This is a comprehensive set of multi-layer security solutions, including: controlling access and connectivity between network partitions according to Zero Trust; preventing network attacks and the exploitation of system and application security vulnerabilities; monitoring and preventing APT; trapping and proactively detecting security threats already in the system; and monitoring and controlling the system's Internet connections.

  9. Social Engineering attack methods continue to evolve: Although this is not a new attack technique, many individuals and organizations still become targets of hackers.

Common forms of Social Engineering phishing attacks

  1. Phishing

Phishing is a form of fraud that impersonates reputable organizations such as banks, online transaction websites and credit card companies to trick users into sharing confidential financial information such as usernames, transaction passwords and other sensitive information. This form of attack can also install malicious software on the user’s device. This is a big danger if users are not knowledgeable or not alert to this form of attack.

Many techniques are used to carry out phishing attacks. Specifically:

Spam (email spam): This is a technique that uses email as a tool to defraud users, for example by embedding in an email a link that redirects to an unsafe website; spoofing the sender address; or attaching malicious Trojan code in an email or advertising file to exploit vulnerabilities on users’ devices.

These emails ask users to update information about their personal accounts, by redirecting access to websites that appear to belong to legitimate and authorized organizations. However, these are actually fake websites, created by hackers to get sensitive information of users.

A real-life example of this attack technique is Operation Lotus Blossom, discovered and announced by security company Palo Alto (USA) in 2015. This is a targeted cyber espionage campaign against governments and military organizations in Southeast Asia that lasted for many years. Countries targeted in this campaign include: Hong Kong, Taiwan, Vietnam, the Philippines and Indonesia. The malware is distributed by exploiting Microsoft Office vulnerabilities through a text file attached to an email with content related to the target agency or organization. When the user reads the text content, the malicious code is activated, silently steals the data stored on the computer and transfers it to servers abroad. This malicious code is also known by another name, Elise.

Phishing website: This is another phishing technique. For example, there are many ways to make money online nowadays, and users have to provide a bank account for these websites to receive the payment. However, hackers often take advantage of loopholes in this transaction, redirecting users to a fake website to steal user information. Another form is to provoke users’ curiosity by inserting ads with attractive content into the website in order to infect users with malicious code.

Social Media Phishing: This is a form of fraud that hackers perform by sending links through messages, Facebook statuses or other social networks. These messages can be announcements of winning valuable items such as SH cars, cars, iPhones, etc., instructing the user to access a link to complete the claim. In addition to tricking victims into paying reward fees, hackers can hijack accounts and exploit friends list information for bad purposes such as tricking friends into lending money, buying phone scratch cards, etc.

  2. Watering Hole

Watering Hole is a method of targeted attack on organizations/enterprises (TC/DN) that works by tricking their members into accessing malicious websites. Hackers often target websites with many visitors or the “dark” web, or create their own websites to trick users, and intentionally insert exploit code for browser vulnerabilities into these websites. When a user accesses the website, the malicious code is executed and infects the user’s computer.

When used in targeted attacks, the Watering Hole attack technique usually works in the following scenario:

Step 1: Collect information about the target TC/DN. The information collected may include a list of websites frequently visited by the organization’s employees or leaders. Then, hackers start looking for websites they can penetrate, combining with local attack techniques to improve the attack.

Step 2: After gaining control of a website that the employees of the organization regularly visit, the hacker will insert code that exploits vulnerabilities in browsers, Flash applications or Java (Flash and Java are usually installed on the user’s computer by default).

Step 3: As soon as the user accesses the malicious website, the malicious code will be executed. At that time, hackers will take control and install malicious programs that allow remote control of the victim’s computer. From there, they exploit the user's information or use the machine itself to attack other computers.

  3. Pretexting

Pretexting is another Social Engineering attack technique, in which hackers focus on creating a logical excuse, or a pre-calculated scenario, to steal the victim’s personal information. These types of attacks often manifest as a scam in which the user needs to provide certain information in order to confirm their identity.

In simple terms, Pretexting is a form of impersonating another person, usually a police officer or a reporter, to get information from the target audience, mostly through telecommunications services. This trick is used by detectives, investigators and even criminals to access sources of personal information directly over the phone.

For higher-level attacks, hackers will try to manipulate targets to exploit structural weaknesses of an organization or company. For example, a hacker impersonates an external IT services auditor and, with reasonable arguments, convinces the physical security officer to allow the hacker to enter that company's work premises.

Unlike phishing emails that take advantage of the victim’s fear and urgency, pretexting attacks rely on building a sense of trust in the target audience.

  4. Baiting and Quid Pro Quo

The Baiting attack technique takes advantage of human curiosity. The main feature of this type of attack is the promise of a specific item or product that the hacker uses to deceive the victim. A good example is an attack scenario where a hacker uses a malicious file masquerading as some popular software or software update. Hackers can also carry out Baiting physically, for example by handing out infected USB sticks for free in the vicinity of the target organization and waiting for internal staff to infect the company's computers with malware. After being executed on computers, the malware installed on these USB drives will help hackers gain full control, thereby serving the next attack purpose.

The Quid Pro Quo attack (also known as the Something For Something attack) is a variation of Baiting. However, instead of making promises about a product, hackers promise a service or benefit in return for performing a specific action; the service or benefit is built by the hacker to exchange for information or access.

The most common Quid Pro Quo attack occurs when a hacker impersonates the IT staff of a large organization. The hacker attempts to communicate by phone with the staff of the intended organization, and then provides them with some information and instructions regarding a software upgrade or installation. To facilitate the execution of malicious acts, the hackers will ask the victim to temporarily disable the antivirus software installed on the machine, so that the malicious application can be executed without any problems.

Precautionary measures

  1. For individuals

To prevent Social Engineering attacks, users should note:

– Be careful and do not reply to any spam that asks you to confirm or update any information about the account of an individual or a TC/DN.

– Do not click on any link associated with spam if not sure about it.

– Be wary of promotional and winning information received on social networks; Do not click on links from unfamiliar websites; Do not provide personal information, especially bank accounts; Use complex passwords for social media accounts like Facebook and change them often.

– Be careful when accessing websites, especially unpopular ones, because they most likely have vulnerabilities that hackers are targeting to exploit.

  2. For organizations and businesses

TCs/DNs should implement solutions to prevent Social Engineering attacks as follows:

– Segregate accounts and define clear rights and responsibilities for social network accounts, websites and systems.

– Avoid using the same password for many different accounts to avoid the risk of information leakage.

– Limit the posting of personal, company and business information on social networks to prevent impersonation by bad actors.

– Improve officials' and employees' knowledge of Social Engineering attacks and ways to avoid them, as well as their information security skills; conduct training sessions with simulated situations, thereby increasing awareness, vigilance and experience in dealing with similar situations.

– Regularly update patches for software and operating systems.
