The report provides a comprehensive overview of the country’s cybersecurity situation over the past year, warning of increasingly complicated threats and offering key recommendations for businesses to strengthen their defences.

Cyberattacks, data breaches, and security vulnerabilities on the rise

The report, based on data from Viettel Threat Intelligence, reveals a sharp rise in ransomware attacks, with 10 terabytes of encrypted data and estimated financial losses reaching US$11 million. These attacks not only lock access to critical data but also involve data theft, increasing pressure on victims to pay ransoms.

Vietnam has also witnessed a concerning spike in data breaches, with 14.5 million accounts leaked, accounting for 12% of global breaches. Sensitive corporate documents and personal information are being sold openly on dark web platforms, exacerbating the cybersecurity crisis.

Financial fraud and brand impersonation tactics are evolving rapidly. While the number of phishing domains dropped by 30% compared to 2023, fraudulent websites misusing brand identities tripled, surpassing 1,200 cases. Cybercriminals are leveraging artificial intelligence (AI) to craft convincing phishing emails and fake websites, with the financial and banking sector suffering the most, 71% of total cyberattacks targeted this industry.

Meanwhile, DDoS attacks surged by 34%, with over 924,000 incidents recorded, while the number of newly discovered security vulnerabilities increased by 46%, posing severe risks for organisations. The finance, energy, and technology sectors remain prime targets, with 143 critical vulnerabilities flagged as high-risk.

Cyberattack trends in 2025

Looking to 2025, cybercriminals are expected to exploit AI even further, developing malware that is harder to detect. Deepfake technology will be used in elaborate fraud schemes, including voice, image, and video manipulations, posing significant security risks.

The rapid expansion of Internet of Things (IoT) devices and blockchain platforms makes them prime targets for cybercriminals, especially in the cryptocurrency sector, where poorly secured infrastructure creates major vulnerabilities.

The rise of Ransomware-as-a-Service (RaaS) will allow even non-technical attackers to launch cyberattacks, while fileless malware techniques will exploit system memory and built-in administration tools like PowerShell to bypass traditional security defenses.

Recommendations for Vietnamese businesses

In that context, Viettel Cyber Security has made recommendations for businesses to proactively implement solutions to protect and minimise risks. Businesses need to build a 24/7 information security monitoring system, detecting and handling attacks early.

In response to these threats, Viettel Cyber Security urged Vietnamese businesses to take proactive measures to minimize risks and fortify their defenses.

First and foremost, companies should implement a 24/7 cybersecurity monitoring system to detect and respond to attacks in real time. Adopting a modern governance model with strict access control policies is essential in preventing unauthorised intrusions.

Regular vulnerability assessments and patch management must be prioritised to close security gaps before they can be exploited. Investing in advanced cybersecurity solutions, such as External Attack Surface Management (EASM), Security Operations Centers (SOC), and Anti-DDoS protection, is crucial to safeguarding sensitive digital assets.

Lastly, businesses must foster a culture of cybersecurity awareness through regular training and incident response drills to reduce risks stemming from human errors.

Vietnam, US promote cybersecurity cooperation

The Vietnamese Ministry of Public Security (MoPS) is very interested in cooperation and professional exchange programmes with institutes and research centres of Harvard University, Minister General To Lam has said.