VNCERT found a malicious file exploiting a memory corruption issue in Microsoft Office in a document on the website of the People’s Committee of Hai Chau District, Da Nang. Hackers might aim to infect the computer system of the city’s administrative units with this malware, according to the team.
On August 1 VNCERT sent a letter to the municipal People’s Committee and Department of Information and Communications to warn about the attack and advise them how to deal with the issue.
“The main purpose of the hackers is to steal confidential information of Da Nang city,” the team said in the letter. “With such hi-tech attack, the city’s firewalls are not able to promptly detect the problem, allowing the hackers to maintain control of the computer system for a long time,” it added.
Analysis of the cyber-attack showed that the hackers have thoroughly monitored the targeted website and used hi-tech solutions to get around security walls. This would allow them to take control of the internal computer system and steal information.
In the letter, VNCERT also provided Da Nang with detailed instructions on how to examine and remove this type of malware. It urged the municipal Department of Information and Communications to act on this advice without delay.
The malware is extremely dangerous as it can steal information and destroy the data system, so the VNCERT recommended leaders of the Department of Information and Communications strictly follow the instructions.
First appearing at the end of 2010, APT attacks are one of the top threats to information security.
Statistics show that more than 27% of APT attacks have targeted government institutions, followed by those hitting banking and financial institutions and telecommunication firms with a large customer database.
Vietnam has seen a number of APT attacks on big organisations, most notable being the cyber-attack on the national flag carrier Vietnam Airlines in July last year.
VNCERT reported that last year, Vietnam was hit by 13,382 cyber-attacks, including 6,400 malware; 4,377 deface; and 2,605 phishing attacks. Some 5,179 cyber-attacks have been recorded since the beginning of 2018, consisting of 1,122 phishing; 3,200 deface; and 857 malware attacks.