Number of cyber attacks, data leaks, security vulnerabilities continue to increase
The report was developed by Viettel Cyber Security Company (Viettel Cyber Security) based on data from the Viettel Threat Intelligence System. In 2024, the system recorded the risk of information security (IT) in Vietnam continued to spread, as evidenced by the increase in the number of cyber attacks and increasingly sophisticated methods and scale of attacks.
The number of encrypted data attacks reached 10 Terabyte, causing a total estimated loss of up to 11 million USD. The problem of data leakage increased sharply in Vietnam with 14.5 million leaked accounts, accounting for 12% of the total worldwide, causing many personal information and business documents to be widely advertised on online platforms.
Forms of financial fraud and brand impersonation have also become more complicated in the past year. More than 4,000 fraudulent domain names were recorded, down about 30% compared to 2023, but the number of fake pages using illegal brands increased by 3 times (nearly 1,200 pages).
High-tech criminals apply AI technology to create a series of fake emails and websites. The Finance - Banking sector is still the most targeted sector, accounting for 50% of the total attacks.
In addition, the number of distributed denial of service (DDoS) attacks has also increased significantly with more than 924,000 attacks recorded, an increase of 34% compared to the previous year.
Nearly 40,000 new security vulnerabilities have been discovered, up 46% from 2023. Of which, 47% are High and Severe vulnerabilities, focusing on popular products and services such as VPN systems, web servers and administrative software.
Organizations in Vietnam face risks from many unpatched vulnerabilities, with 143 vulnerabilities warned of the risk of major impacts. In particular, businesses in the Finance, Energy and Technology sectors are where key systems are often exploited by hackers.
Assessing the trend of cyber attacks in 2025
The report also points to cyber attack trends that will develop in 2025. Accordingly, criminals will increase the exploitation of AI to create more difficult-to-detect malware, using deepfake technology with more sophisticated forms of counterfeiting voice, images or videos. IoT devices and Blockchain platforms have become new targets for hackers, especially low-security devices and cryptocurrency trading platforms.
The explosive growth of the ransomware-as-a-service (RaaS) model has enabled anyone to deploy cyber attacks without the need for technical expertise. Another worrying trend is the increase in fileless Malware attacks, which exploit RAM and system management tools such as PowerShell to avoid detection by traditional security software.
5 recommendations for Vietnamese businesses
In that context, Viettel Cyber Security Company has made 5 main recommendations for businesses to proactively implement solutions to protect and minimize risks. First, businesses need to build a 24/7 information security monitoring system, detecting and handling attacks early.
Second, apply a modern governance model (Zero-Trust) to strictly control access to the system, preventing the risk of illegal intrusion.
Third, it is necessary to review and patch the vulnerability regularly. Carry out periodic inspections, prioritize the correction of important errors, and at the same time, it is necessary to assess security in the supply chain to avoid being attacked through partners.
Fourth, invest in advanced security technologies such as External Attack Surface Management (EASM), SOC, Anti-DDoS to protect important information assets.
Finally, businesses need to build an information security culture through periodic training and incident handling drills to minimize risks.
