On January 13, the National Network Security Association (NCA) issued a summary report on network security in 2025 for organizations and businesses.
Data is valuable asset
According to statistics from the National Cyber Security Association, in 2025, information systems in Vietnam faced about 552,000 cyber attacks, a decrease of 19.38% compared to 2024. This development shows that the efforts of agencies and organizations investing in cyber security have initially been effective, making attacks no longer as easy as before.
However, the decrease in the number does not mean a decrease in the level of risk. The survey shows that 52.3% of agencies and businesses recorded losses due to cyber attacks in the year, a significant increase compared to 46.15% in 2024. This shows that hackers are switching to a selective attack strategy, focusing on specific targets, with careful preparation and deeper exploitation capabilities, increasing the risk even though the total number of attacks decreases.
The 5 most common forms of attacks in 2025 respectively include: Service denial-of-service attacks; inserting links to gambling and betting advertisements (backlinks); intentional spying attacks (APT); data theft attacks; data encryption for ransom.
A noteworthy point is that these forms show signs of being combined and deployed by hackers interspersed with carefully calculated scenarios.
According to the National Cybersecurity Association, in 2024, cryptocurrency data hacking attacks emerged as a major threat, causing serious disruptions to the operations of many agencies and businesses. But in 2025, the most impactful cases focused on data breach and theft attacks. This shift shows that hackers no longer only aim to paralyze the system to demand ransom, but increasingly consider data as valuable assets for long-term exploitation.
Mr. Vu Ngoc Son, Head of the Technology Department, National Cyber Security Association, commented: "Hackers tend to double-attack, not quickly encrypting data immediately upon intrusion but will lie in the area for a long time. The goal of stealing important data is to sell, exchange or exploit on black markets. Only when there are no more exploitable data can data be encrypted to extort money from victims.
Cybersecurity forecast 2026
Forecasting the trend in 2026, the National Cybersecurity Association said: Data security will become the "front" of agencies, organizations, and businesses. In the context of Vietnam promoting digital transformation, data and information centers will be the most valuable asset that hackers aim for.
Cyber attacks are predicted to become increasingly sophisticated, strongly automated thanks to artificial intelligence (AI). Hackers can use AI to quickly create tools to automatically scan and exploit vulnerabilities, as well as generate new malware variants, constantly changing to avoid traditional defense systems. In addition, forms of ransomware data encryption attacks still pose a risk of re-emergence with a higher level of danger, especially targeting key infrastructures.
Compliance with the Law on Network Security and the Law on Protection of Personal Data will no longer be an option but a vital requirement. Businesses need to shift from response equipment to methodical investment, apply international network security standards and consider data as the most strictly protected asset.
