Vietnam faced a dramatic rise in cyber threats in 2024, with millions of accounts exposed and critical systems targeted by increasingly sophisticated attacks. From deepfake impersonations to massive data breaches and fileless attacks, the country’s cyberspace has become a "battleground" for cybercriminals.

According to the latest report from Viettel Cyber Security (VCS), these threats have grown in both scale and complexity, leading to a surge in warnings and urgent calls for action from both the government and businesses to protect sensitive information and vital infrastructure.

In Directive No. 29/CD-TTg, dated April 3, 2025, Prime Minister Pham Minh Chinh urged ministries, sectors, and localities to intensify efforts in preventing and addressing fraud in cyberspace aimed at fraudulent asset appropriation.

Rising complexity

According to the report from the VCS, which is based on the data from Viettel Threat Intelligence, cybersecurity risks in Vietnam continued to expand in 2024, reflected by the increasing number of cyberattacks, with growing sophistication and scale of attack methods.

Data breaches in Vietnam are growing more significant. Specifically, in 2024, up to 10 terabytes of encrypted data were targeted in cyberattacks, causing a total damage  estimated at about $11 million. Moreover, 14.5 million accounts were leaked, including a vast amount of personal information and corporate documents being widely sold on online platforms, accounting for 12 per cent of the total leaked accounts globally.

Financial fraud and brand impersonation also increased in a complex manner. Although the number of fraudulent domains dropped by 30 per cent compared to 2023 (with 4,000 domains recorded), counterfeit websites using unauthorized brand identities were recorded three times as much, reaching nearly 1,200 websites. Cybercriminals are now leveraging artificial intelligence (AI) to mass-produce phishing emails and sophisticated fake websites, which mainly target the financial and banking sectors, accounting for 71 per cent of total cyberattacks.

Additionally, Distributed Denial-of-Service (DDoS) attacks surged to over 924,000 recorded incidents, increasing by 34 per cent compared to 2023. Notably, some cyberattacks on financial institutions, public services, and technology firms exceeded 1 Tbps, causing severe disruptions to operational systems.

According to the report, nearly 40,000 new security vulnerabilities were recorded, increasing by 46 per cent compared to 2023, of which 47 per cent were classified as high or critical severity, primarily focusing on products and services such as Virtual Private Network (VPN) systems, web servers, and management software. Numerous unpatched vulnerabilities pose a risk to organizations in Vietnam, with 143 being flagged as high risks.

Emerging threats and strategic recommendations

According to the report, some cyberattack trends are predicted to evolve in 2025, including the increased exploitation of AI to create more elusive malware, and the leveraging of deepfake technology for sophisticated identity fraud in voice, image, or video.

Moreover, Internet of Things (IoT) devices and blockchain platforms will become targets for hackers, especially those with weak security protocols and cryptocurrency transaction platforms. The Ransomware-as-a-Service (RaaS) model is also being targeted, allowing anyone to carry out cyberattacks. Fileless malware attacks are another concerning trend, exploiting memory (RAM) and administrative tools like PowerShell to avoid detection by traditional security software.

Due to the evolving nature of cyberattacks, Viettel Cyber Security provided five key recommendations for businesses to proactively implement protective measures and minimize risks:

Firstly, businesses should establish a 24/7 cybersecurity monitoring system to detect and address attacks immediately. Next, a modern governance model should be adopted to tightly control access to systems and prevent unauthorized intrusions. Businesses can consider investing in advanced security technologies such as External Attack Surface Management (EASM), Security Operations Centers (SOC), and Anti-DDoS solutions to protect critical information assets.

Additionally, companies must review and implement patching vulnerabilities, conduct periodic audits, prioritize fixing critical errors, and assess security in the supply chain to avoid attacks through partners. Lastly, companies should foster a strong cybersecurity culture through regular training and incident response drills to minimize human-related risks.