More sophisticated, professional cybercrimes

At a recent event hosted by the National Cybersecurity Association (NCA), experts warned that cybercrime today is largely orchestrated by well-organised, professional groups that operate similarly to businesses. While traditional attacks often aim to profit from data theft or ransomware, newer methods are more calculated.

A 2024 survey by the association revealed that, on average, one in every 220 internet users in Vietnam fell victim to online scams, a rate of 0.45%. The total estimated financial loss due to scams in 2024 exceeded VND18.9 trillion (US$731.42 million). The three most common types of scams included fake investment opportunities promising high returns, impersonation of authorities, and fraudulent prize or promotion announcements.

Viettel Cyber Security reported that in 2024 alone, encrypted data breaches caused losses totalling US$11 million, and more than 14.5 million user accounts were compromised. While the number of fake domains recorded dropped by around 30% compared to 2023, fraudulent websites impersonating legitimate brands tripled, with nearly 1,200 cases documented.

Hackers are increasingly leveraging artificial intelligence (AI) to automate and enhance attacks, including the creation of fake emails and websites. The banking and financial sector remains the most targeted, accounting for 71% of all cyberattacks. Distributed denial-of-service (DDoS) attacks also surged, with over 924,000 recorded incidents, up 34% from the previous year.

Reports from Vietnam Cybersecurity JSC highlight new attack trends for 2025, such as intrusions into cloud services, supply chains, large language models, and AI applications. These are expected to dominate the cybersecurity landscape in the coming years.

Experts from Viettel and the NCA agreed that cyber-criminal will continue to integrate AI to craft more evasive malware and deploy deepfake technologies to mimic voices, images, and videos with alarming precision.

A shift towards proactive cybersecurity

In response to the evolving threat landscape, the Politburo’s Resolution No. 57-NQ/TW, issued on December 22, 2024, regarding breakthroughs in science, technology, innovation, and national digital transformation, highlighted cybersecurity as a core priority.

To address escalating cyber threats, Prime Minister Pham Minh Chinh has signed a dispatch urging all ministries, localities, and agencies to step up preventive measures against cyber-enabled fraud and online asset theft.

Vietnam Cybersecurity JSC recommends that instead of reacting after incidents occur, organisations and individuals should adopt a “proactive cybersecurity” posture, anticipating threats, detecting them early, and minimising potential damage.

The NCA also stressed the need for governments, businesses, and individuals to enhance digital defences by adopting advanced technologies and adhering strictly to legal regulations on data protection.

It advised institutions to ensure regular updates of software and systems, and equip basic cybersecurity measures such as firewalls, antivirus software, and data backups. Where possible, organisations should implement advanced protections such as Security Operations Centres (SOC) and Endpoint Detection and Response (EDR) systems, it said, adding that continuous training and cybersecurity drills are vital to strengthening response capabilities.

For individual users, experts advise using updated antivirus programmes on computers and mobile phones, creating strong, unique passwords with a mix of characters, and enabling multi-factor authentication on critical accounts like banking, email, and social media. They are also advised not to reuse passwords across platforms, avoid clicking on unknown links, and refrain from using public Wi-Fi for sensitive transactions.

A NCA survey indicated that over 20% of Vietnamese organisations have no dedicated cybersecurity staff, and 35.56% lack the necessary headcount to meet demands. The country is expected to face a shortfall of over 700,000 cybersecurity professionals in the near future.

To address the skills gap and raise cybersecurity awareness, the association has launched nCademy, a national e-learning platform that offers certification and training in cybersecurity. Available on both web and mobile, the platform features courses ranging from beginner to advanced levels, complete with engaging visuals, videos, and interactive materials.

nCademy aims to bridge the technology and resource divide between institutions, offering accessible, high-quality training to learners nationwide. It supports both professionals and everyday users, providing general awareness modules alongside specialist training to help create a culture of regular cybersecurity learning.

Course content is verified by experts from the Cybersecurity Research Institute (CRI) and the Vietnam Academy of Science and Technology. A pilot version is currently available at nCademy.vn, with official launch set for May 6.

Ministry proposes new cybersecurity legislation from two relevant laws

VOV.VN - A representative from the Ministry of Public Security (MoPS) has said that MoPS has proposed merging the 2015 Law on Cyber Information Security and the 2018 Cybersecurity Law into a single piece of legislation.