Most APT criminals are supported by a huge resource to carry out large-scaled attacks against economic and political organizations.
At the beginning of this April, APT Cycldek planned to launch several-month-long attack to governmental bodies in Vietnam, Thailand, and other nations in Central Asia.
APT Cycldek, also known as Goblin Panda, Cycldek, Hellsing,
APT27, or 1937CN, was first detected in 2010. Its normal target is the national
defence and energy organizations of a country, especially Southeast Asian ones.
Its main victims are Laos and Vietnam.
Receiving warnings and monitoring information from international
partners, in March 2021, NCSC paid closer attention to the cyber security
status of state organizations. It has recognized that the latest APT attack is
related to APT Cycldek.
Therefore, NCSC immediately cooperated with Internet Service
Providers (ISPs) in the nation to stop those attempts from the end of March
Obviously, these efforts have effectively reduced the
negative impacts of those APT attacks to information systems of organizations
based in Vietnam.
However, NCSC still proposes that organizations and
businesses actively recheck their own information systems to timely detect and stop
any possible APT attack in the near future. More importantly, since APT attacks
towards Vietnam become more serious and sophisticated, NCSC suggests that
victims need to contact IT specialists for proper handling.