Cyber threats such as ransomware, impersonation, and targeted attacks continue to rise with increasing sophistication. Cybercriminals lurk in the shadows, exploiting the complacency of agencies, organizations, and businesses to launch their assaults.

In a report released mid-March 2025, experts from Viettel Cyber Security warned that in 2025 and beyond, organizations must prioritize defending against emerging cyberattack trends. 

Hackers will increasingly leverage AI for attacks; ransomware-as-a-service (RaaS) will grow more common; IoT and blockchain will become fresh targets; and fileless attack techniques will keep evolving.

Experts have warned that AI will be harnessed by hackers to craft sophisticated, hard-to-detect malware while executing hyper-realistic voice, image, and video impersonation campaigns.

Meanwhile, ransomware will evolve into a widespread service, enabling even non-technical actors to launch attacks with more complex encryption methods.

On fileless attacks, experts predict a surge in malware running directly in RAM or via built-in tools like PowerShell, complicating detection and mitigation efforts.

Previously, the National Cybersecurity Association (NCA) forecasted that in 2025, Vietnam will face severe cybersecurity challenges, especially with major economic, political, and diplomatic events on the horizon. Espionage and sabotage-driven cyberattacks are expected to spike.

NCA also noted that attack techniques will grow more refined and diverse, with AI integrated to enhance vulnerability scanning and exploitation. Major attack types will include advanced persistent threats (APTs), spyware, and ransomware. Hackers will also target industrial control systems, autonomous vehicles, and drones.

The rise of supercomputers and quantum chips brings both opportunities and massive challenges to cybersecurity, particularly for encryption systems and algorithms.

“The growing value of cryptocurrencies may heighten cyberattack risks, especially crypto thefts via digital wallets, exchanges, or ransom payments in digital currency,” an NCA expert warned.

Investing in advanced security tech and response plans

Asked about the solutions to the escalating cyberattacks, Vu Ngoc Son, NCA’s Technology Division Head, stressed that amid these challenges, agencies, organizations, and businesses must invest heavily in cutting-edge security technologies. Leveraging AI and cyber threat intelligence will boost early detection and response capabilities.

Nguyen Van Quan, Deputy Head of VNCS’s Technical Division, believes that to safeguard systems and ensure rapid recovery from attacks, organizations must take key steps: prepare incident response plans, establish risk contingency measures, mobilize personnel to protect systems, and coordinate closely with authorities.

Viettel Cyber Security has recommended five priority tasks for businesses and organizations as follows:

Building cybersecurity monitoring and response systems, setting up 24/7 monitoring with tools like Threat Intelligence, EDR, and NSM for early threat detection and handling.

Adopting modern governance models by implementing zero-trust architecture for IT and OT infrastructure, tightly managing privileged accounts, and separating IT from operational networks to minimize attack risks.

Regularly scanning and patching vulnerabilities by conducting periodic audits, prioritize critical fixes, and controlling supply chain risks.

Investing in advanced security tech by using solutions like External Attack Surface Management, SOC, and DDoS protection to safeguard information assets.

Building a cybersecurity culture by training employees on security awareness regularly, conducting incident response drills, and enforcing strict access controls based on least privilege principles.

“These measures will enable organizations and businesses to effectively counter cyberattacks, ensuring uninterrupted operations and minimizing cybersecurity risks,” a Viettel Cyber Security expert said.

An NCA report released in late 2024 revealed that 46.15 percent of surveyed Vietnamese agencies and businesses experienced a cyberattack this year. Conducted in December 2024, the study surveyed nearly 5,000 entities and organizations across Vietnam.

The results indicated that Vietnamese agencies and businesses have shown improvements in cybersecurity awareness, with an increased focus on investing in technology products and solutions, actively training staff, and standardizing cybersecurity processes.

Specifically, 85.1 percent of entities have equipped their computers and servers with antivirus software; 75.68 percent have invested in firewall solutions; and 64.1 percent have implemented data backup and recovery measures. These are all fundamental and essential solutions aligned with guidelines from regulatory authorities.

Organizations have become more proactive in training to enhance employees’ cybersecurity awareness. Notably, 75.68 percent of organizations conducted at least one internal cybersecurity awareness training session within the year. However, 24.3 percent of entities still reported no cybersecurity training during the same period.

Several new and advanced technological solutions are starting to gain traction. For instance, centralized Security Operations Center (SOC) monitoring solutions have caught the attention of 47.1 percent of agencies and businesses, which are researching or investing in them. Meanwhile, 35.26 percent of entities are using cyber threat intelligence services.

Van Anh