60% of Vietnamese businesses are not equipped with enough security solutions.

In its assessment of cybersecurity for organizations and businesses in Vietnam shared on March 25, Bkav said that 2024 and the first months of 2025 have witnessed the rampage of viruses, while ransomware has truly become a nightmare.

According to Bkav statistics, in 2024, 155,640 computers in Vietnam were attacked by ransomware. The damage to agencies, organizations and businesses in Vietnam due to the destruction caused by viruses amounted to tens of thousands of billions of VND, including: money paid to hackers to ransom data, direct revenue loss due to system downtime, damage due to loss of customers, brand damage, etc.

For example, on the first day of a data encryption attack, a business lost more than 100 billion VND. Another business's estimated damage after being attacked by ransomware was up to 800 billion VND.

However, according to experts, what is seen or calculated is just the tip of the iceberg. In recent years, requests for help due to ransomware attacks have been sent to authorities and businesses at a high density.

W-ransomware-attacks-vietnamese-businesses-2-1-1.jpg
Recently, requests for help due to ransomware attacks have been sent to authorities and businesses at high density. Illustration photo: NL

Bkav's research also shows that virus activities are increasingly dangerous and sophisticated with clear and methodical attack strategies. Data encryption viruses target businesses, blackmail targets with huge ransoms. Targeted attack viruses - APT silently spread, lie dormant in agencies and organizations, aiming to steal intelligence information.

“Every day, millions of new virus samples appear and the damage caused by malware is terrible. But in Vietnam, the sad reality is that up to 60% of businesses are not equipped with adequate security solutions,” said Nguyen Dinh Thuy, Head of Malware Research at Bkav.

According to Mr. Nguyen Dinh Thuy, at all agencies, businesses and organizations that Bkav has participated in responding to incidents caused by virus attacks, anti-virus software is often not installed, or foreign software is used without close support from experts.

In fact, many businesses only rely on the operating system's built-in anti-virus feature, which is only basic and not capable of protecting users from today's sophisticated viruses.

“The anti-virus feature available on the operating system cannot completely solve virus problems because it only provides the most basic features. Therefore, users will not be completely protected from APT malware or ransomware, which are designed to penetrate deeply into the system to lie dormant, steal data or extort money,” Bkav experts analyzed.

APT attacks and ransomware continue to be major threats

According to Bkav experts, APT spy viruses and ransomware are hiding in many systems in Vietnam, they are spreading silently and will cause harm, attacking at the right time in the near future. Agencies, organizations and businesses need to raise awareness of network security and immediately apply measures to prevent computer viruses in a professional manner.

Information security experts all agree that APT attacks, ransomware attacks and spyware attacks are still the main forms of attack that businesses and organizations globally as well as in Vietnam need to pay special attention to prevent.

Speaking to VietNamNet reporter, Mr. Hoang Duc Hoan, information security monitoring expert of VSEC Company, assessed: Ransomware is still one of the biggest threats in 2025, but ransomware attacks will become more sophisticated and targeted.

Attack groups will not only encrypt data and demand ransom, but also steal sensitive information and publicly threaten victims if they don't pay.

“Ransomware can even be used by hackers to attack critical infrastructure such as hospitals, energy systems and transport infrastructure, causing serious consequences for society and the economy,” Mr. Hoang Duc Hoan added.

W-ransomware-attacks-vietnamese-businesses-3-1.jpg
24/7 network security monitoring to detect risks early is a recommended measure for organizations and businesses. Illustration photo: TL

Previously, the results of a cybersecurity survey published by the National Cyber ​​Security Association (NCA) at the end of 2024 showed that the number and scale of attacks on agencies and businesses increased significantly, with more than 659,000 cases.

In 2024, 46.15% of NCA survey respondents reported experiencing at least one cyber attack per year, and 6.77% reported experiencing frequent attacks.

In particular, the NCA survey also showed that APT attacks and ransomware attacks are the two most common forms of attack in 2024, with 26.14% of attacks in the year being APT attacks using spyware; 14.59% of agencies and businesses said they had been attacked with ransomware.

In the context of cyber attacks on businesses and organizations increasing in both quantity and sophistication, experts recommend that units need to regularly review and promptly handle existing vulnerabilities in the system; monitor network security 24/7 to detect risks early.

At the same time, it is necessary to develop and maintain a clear incident response plan, ensure regular data backup and recovery, and minimize damage when incidents occur.

IoT and blockchain are becoming new targets for hackers . According to experts, the rise of IoT devices and blockchain ecosystems will cause hackers to focus on poorly secured devices and cryptocurrency trading platforms, increasing financial risks and data loss for organizations.