Large-scale cyber-attack campaigns by hacker organizations may target Vietnamese companies in the near future due to Windows vulnerability.
The National Cyber Security Monitoring Center (NCSC) made the forecast after examining several sources. According to information from this unit, a vulnerability in Windows has a higher hardness than the company claims.
Damage codenamed CVE-2021-1675 exists in the Windows Print spoiler feature. This is a type of vulnerability that allows a particular type of enhancement attack so that the attacker can switch from a normal number to a higher level on the computer. According to the declaration Microsoft, These vulnerabilities affect most operating system versions Windows, Including Windows 10 / 8.1 / 7 and Windows Server 2019/2016/2012/2008. On a risk scale, CVE-2021-1675 rated 7.8 / 10. On June 8, Microsoft fixed this vulnerability.
However, according to a source in the Ministry of Information and Communication, this vulnerability is more serious than the published figures. Bad people can exploit vulnerability in a number of ways, including directly attacking Windows computers or servers; Or attack via computer on the network.
“The CVE-2021-1675 could be fully utilized in the near future to launch large-scale APT-targeted attack campaigns on cyberspace in Vietnam,” the NCS representative said.
In the opinion of the Ministry of Information and Communication, agencies and organizations need to be reviewed to identify potential servers and workstations. If so, the security patch needs to be updated according to Microsoft’s instructions, and there should be a plan in place to deal with any signs of an attack.
APT attack is a dangerous form of attack. Once a specific target is identified, hackers will use and use advanced techniques to attack for a long time until they reach or block their target. According to Buckwheat, Vietnam will lose $ 1 billion by 2020 due to computer viruses. In particular, stealth malware is the APT that causes the biggest attack used by W32.