In 2024, Vietnam faced a staggering wave of ransomware attacks, with Bkav reporting that over 155,640 computers fell victim to this malicious software designed to encrypt data and extort ransom payments. The financial repercussions for organizations have been severe, amounting to tens of trillions of VND, which translates to hundreds of millions of USD. These losses encompass not only ransom payments but also lost revenue due to system downtime, customer attrition, and reputational damage.
60% of Vietnamese Businesses Lack Adequate Cybersecurity Solutions
During a recent cybersecurity assessment conducted on March 25, Bkav highlighted that ransomware has emerged as a pervasive threat throughout 2024 and into the early months of 2025. The statistics reveal a grim picture: on the very first day of a ransomware attack, one company reported losses exceeding 100 billion VND (approximately .1 million), while another faced staggering losses of up to 800 billion VND (about .9 million). However, experts caution that these visible losses represent only a fraction of the broader issue. A surge in requests for ransomware assistance has inundated both authorities and businesses, underscoring the escalating scale and severity of the crisis.
Growing Sophistication and Risks of Ransomware
Bkav’s research indicates that the landscape of cyber threats is evolving, with ransomware attacks becoming increasingly sophisticated and organized. These attacks often target businesses with hefty ransom demands, while Advanced Persistent Threats (APTs) stealthily infiltrate organizations to pilfer sensitive information. Nguyen Dinh Thuy, Head of Bkav’s Malware Research Department, emphasized the alarming frequency of new virus samples emerging daily, wreaking havoc across various sectors. He noted that approximately 60% of businesses in Vietnam lack sufficient cybersecurity measures.
Many organizations that sought Bkav’s assistance during ransomware incidents were found to either lack antivirus software entirely or rely on basic foreign antivirus solutions without adequate expert support. Furthermore, a reliance on rudimentary built-in antivirus features from operating systems has proven inadequate against modern malware threats. Thuy explained, “The built-in antivirus on operating systems only provides the most basic functions and cannot fully protect users from advanced threats like APTs or ransomware, which embed deeply into systems to steal data or demand ransom.”
Ongoing Threats: APT and Ransomware Attacks
Experts from Bkav have issued warnings that APT spyware and ransomware continue to lurk within numerous systems across Vietnam, poised to strike when vulnerabilities are detected. Hoang Duc Hoan, a cybersecurity monitoring expert from VSEC, reiterated that ransomware remains a significant threat in 2025, with attacks becoming more sophisticated and targeted. “Attack groups will not only encrypt data and demand ransoms but also steal sensitive information and threaten to expose it if payment is not made,” Hoan stated. The potential for ransomware to target critical infrastructure—such as hospitals, energy systems, and transportation networks—poses severe risks to both societal safety and economic stability.
Rising Number of Cyberattacks
A cybersecurity survey conducted by the National Cybersecurity Association (NCA) at the end of 2024 revealed a notable increase in cyberattacks against agencies and businesses, with over 659,000 incidents reported. The survey indicated that 46.15% of respondents experienced at least one attack during the year, while 6.77% faced frequent assaults. Notably, APT and ransomware attacks accounted for 26.14% and 14.59% of all incidents, respectively.
Given the rising number and sophistication of cyberattacks, experts recommend that organizations regularly assess and address vulnerabilities, implement 24/7 cybersecurity monitoring, and develop comprehensive incident response plans. This includes establishing regular data backups and recovery strategies to mitigate damage in the event of an incident.
