According to reports from international cybersecurity forums, hacker group Crypto24 is believed to be behind the attack, which reportedly compromised approximately 2TB of data. Ransomware is a form of malicious software used to encrypt a victim’s data, which is then held hostage for a ransom.

Responding to VietNamNet, a representative of CMC confirmed the cyberattack but noted that recovery efforts have been completed and services have stabilized. Authorities are currently investigating the incident.

Data from cybersecurity firm Bkav reveals that in 2024, ransomware attacks targeted 155,640 computers across Vietnam. The resulting damage to organizations, businesses, and government agencies amounts to tens of trillions of dong (equivalent to hundreds of millions of USD). Losses include ransom payments, revenue losses from halted operations, customer attrition, and brand damage.

For example, a single company lost more than VND 100 billion (approx. USD 4 million) on the first day of a ransomware breach. Another firm reported total damages of up to VND 800 billion (approx. USD 32 million).

Cybersecurity experts warn that such figures represent only the visible tip of the iceberg. In recent years, requests for ransomware-related assistance have surged at a concerning rate.

According to Bkav, advanced persistent threat (APT) spyware and ransomware continue to lurk undetected within many systems in Vietnam, quietly spreading until they strike. Experts urge businesses and institutions to immediately adopt professional-grade cybersecurity solutions and enhance awareness of cyber risks.

Information security specialists agree that APT attacks, ransomware, and spyware remain the three most prominent forms of cyber threats that organizations worldwide - and particularly in Vietnam - must urgently defend against.

At the end of 2024, Nguyen Son Hai, Director of Viettel Cyber Security, emphasized that cybersecurity threats in Vietnam are intensifying. Data collected from Viettel’s Threat Intelligence system showed a 15% rise in brand impersonation scams, a 21% increase in stolen accounts, a 10% increase in newly discovered vulnerabilities, and ransomware victims outnumbering reported incidents by more than tenfold. The number of Vietnamese individuals’ and businesses’ data records sold on the dark web also rose 2.5 times from the previous year.

Speaking at the National Cybersecurity Association’s 2025 Annual Meeting on April 11, Colonel Nguyen Ba Son, Deputy Director of the Cybersecurity and High-Tech Crime Prevention Department (A05, Ministry of Public Security), noted that while cyberspace enables progress, it also presents mounting threats to national security and public safety.

He warned that cyberattacks, espionage activities, and personal data breaches are becoming increasingly dangerous and sophisticated, posing severe risks to both public and private sectors.

In response to the escalating ransomware threat, in April 2024, the Prime Minister of Vietnam directed urgent actions to address cybersecurity challenges, especially ransomware attacks, due to their potential to severely disrupt the nation’s economic and social development. These actions are part of a broader effort to strengthen cybersecurity compliance, discipline, and enforcement.

Thai Khang