This trend reflects the initial effectiveness of cybersecurity investment by agencies and organisations, making cyberattacks less easy to carry out than before.

However, a decline in the number of incidents does not necessarily mean reduced risk. Survey results showed that 52.30% of agencies and businesses reported damage from cyberattacks in 2025, a sharp increase from 46.15% in 2024. The figures indicated that hackers are shifting toward targeted, selective attacks, focusing on specific victims with careful preparation and deeper exploitation, raising overall risk despite fewer total attacks.

The five most common types of cyberattacks in 2025 were distributed denial-of-service (DDoS) attacks, injection of gambling/betting advertising links (backlinks); advanced persistent threats (APT), data theft attacks, and ransomware encryption attacks. Notably, these forms of attack show signs of being combined and deployed in layered sequences, based on well-calculated scenarios.

While ransomware dominated in 2024, the most damaging incidents in 2025 were linked to data breaches and theft. Stolen data can be traded or exploited on underground markets, creating long-term risks even after systems are restored.

Vu Ngoc Son, head of Technology at the National Cybersecurity Association, shared that hackers are increasingly adopting double-extortion tactics. They do not rush to encrypt data immediately after breaking in, but instead remain dormant for extended periods. Their goal, he stressed, is to steal critical data for sale, exchange, or exploitation on the black market. Only when there is no further data to extract do they proceed to encrypt systems and extort victims.

Looking ahead to 2026, the association warned that data security would become the central battlefield for agencies, organisations and businesses. As Vietnam accelerates digital transformation, data centres and information systems would become the most valuable assets targeted by cybercriminals.

Cyberattacks are expected to become more sophisticated and increasingly automated through artificial intelligence (AI). Hackers may use AI to quickly generate automated scanning and exploitation tools, and create new malware variants that continuously evolve to evade traditional defence systems.

Meanwhile, ransomware attacks still pose the risk of resurfacing at a more dangerous level, particularly targeting critical infrastructure.

Compliance with the Law on Cybersecurity and the Law on Personal Data Protection will no longer be an option but a matter of survival, says IT experts, adding businesses must shift from reactive measures to structured investment, adopt international cybersecurity standards, and treat data as the most strictly protected asset.

Cyberattacks surge amid global AI boom, Vietnam under cybersecurity threats

VOV.VN - As cyberattacks grow in scale and sophistication globally, 2025 is proving to be a critical turning point for cybersecurity, especially for countries accelerating their digital transformation, like Vietnam.