VietNamNet Bridge – About 1 million computers in Vietnam has “joined” the international botnet, delivering 3.33 billion spam messages per day. They can become the “springboard” for hackers to attack the national information systems.

The figures were released at the workshop discussing the international and domestic coordination mechanism in computer urgent response, held in Hanoi on October 30 by Dr. Vu Quoc Khanh, Director of the Vietnam Computer Emergency Response Team (VNCERT).

Khanh said VNCERT has recently found the international bonnets which are comprised of the computers with the IP addresses in Vietnam. Zeus Botnet, for example, has 14,075 IP addresses in Vietnam, while Sality, Downadup, Trafficconverter have 113,273.

The biggest worry is that the spyware networks targeting Vietnam not only try to damage the information systems, but also try to steal information from agencies and organizations.

The spyware uses the high technique which allows to avoid the detection and carry out undercover activities in the targeted networks.

Razer botnet, for example, joined the attacks to some Vietnamese hosting service providers. Razer is a botnet for lease, which could be an experiment of hackers. Clients just need to register information and show the targeted addresses, then the botnet would carry out attacks for them.

While the danger from botnets is described as “very dangerous,” Vietnam still feels embarrassed in dealing with them. The agencies like VNCERT can only warn about botnets based on the reports from the victims of the attacks, and can join forces with the relevant units to fight against botnets.

Khanh of VNCERT has suggested that in order to minimize the consequences created by botnets, it is necessary to strengthen the coordination measures to fight against malware and botnets.

Relevant units and agencies have the responsibility to cooperate in the campaigns to fight against the attacks. Those, who do not fulfill the task when receiving the warnings from VNCERT would be punished: their IP/domain/URL would be blocked.

Deputy Minister of Information and Communication Nguyen Minh Hong said the information security has become a burning issue in recent years.

Analysts have also talked about the existence of the spyware and malware specifically designed to attack specific goals.

According to Nguyen Doan Trong Hieu, Director of the Technique & Technology Center of VietNamNet newspaper, the DDoS attack to VietNamNet in July caused a loss of VND3 billion.

On July 1, 2013, the DDoS attack to VietNamNet began. The number of visitors to the website then increased by tens of times, thus making servers and transmissions overloaded.

The hackers used botnets to deploy the DDoS attack with the gradually increasing intensity and regularly changed methods so as to overcome the security walls.

Only on July 15, did VietNamNet and relevant agencies discover that the server that operated the botnet was in Germany. On July 17, VIetNamNet returned to the normal operation.

However, a new attacked was launched on July 18. Experts believe that the botnet was very big with the total number of computers in the attack of up to 1 million. The attack was only stopped on July 26.

“50 percent of the clients who used VietNamNet’s services asked to stop the services. Other clients claimed for compensation, asked for fee reduction,” Hieu said.

Buu Dien