These are the standout figures from the Q3/2025 Vietnam Cybersecurity Risk Report, recently published by Viettel Cyber Security (VCS). The 55-page report, built on the Viettel Threat Intelligence system—a real-time monitoring, analysis, and threat warning platform—reveals an unprecedented surge in cybercrime.
Data was gathered from thousands of domestic and international sources, including Viettel’s monitoring network, underground forums, active malware, and fraudulent domain systems. This highlights the increasing professionalism of cybercriminal groups, who are focusing on exploiting valuable data and critical sectors while maximizing the power of AI.
Cyberattacks Explode Across Multiple Fronts
According to the VCS Report, cyberattack trends continue to revolve around long-standing issues such as data breaches, security vulnerabilities, DDoS attacks, targeted attacks, and hybrid assault methods. However, in Q3/2025, the report notes a dramatic increase in both the scale and impact of these attacks, underscoring their severity as data becomes an increasingly valuable resource.
During this quarter, Vietnam recorded over 502 million organizational and enterprise data records leaked. The number of compromised personal accounts reached 6.5 million, a 64% increase from the previous quarter. The financial, energy, and critical infrastructure sectors were hit hardest, with hundreds of millions of records exposed.
Sharp rise in leaked personal account records in Q3/2025. Source: Viettel Cyber Security
Using exclusive data from the internet, VCS reports a significant increase in online fraud, with nearly 4,000 fraudulent domains and 877 brand-impersonating websites detected—up 325% and 264% respectively compared to the same period in 2024. These campaigns primarily impersonate banks, government agencies, or e-commerce brands, distributing phishing emails and messages containing fake links to steal financial information, account details, and OTP codes.
Cyberattacks are not limited to individual users; they also target large, critical systems. Notably, alongside an incident where a major system containing bank customer data was sold, VCS recorded 17 cases involving over 195 million leaked records. In the consumer services sector, 62 incidents exposed 177 million records, equivalent to 2.43 GB of data.
Number of data breach incidents in Vietnam by sector. Source: Viettel Cyber Security
Notably, a new trend in Q3 involves severe incidents stemming from the exploitation of vulnerabilities in end-of-life products. Additionally, VCS experts highlight a less-discussed cause: software developers sharing project source code on public platforms. Among the recorded source code leaks, GitHub—a popular platform among Vietnamese developers—accounted for 90 out of 103 cases.
Distributed Denial of Service (DDoS) attacks have also increased in frequency and intensity. The Viettel AntiDDoS system recorded over 547,000 attacks in the quarter, double the number from the same period last year. September 2025 saw a sharp spike, with nearly four times the average monthly attacks. The most common method is carpet bombing, which targets an entire IP range to generate massive traffic, overwhelming systems even if individual IPs are only moderately loaded.
“This trend shows that hackers are becoming more targeted and prepared, using multi-layered tactics instead of indiscriminate attacks,” noted a Viettel Cyber Security representative.
AI Shapes the New Generation of Cyberattacks
As AI influences every sector, cybersecurity is no exception. The VCS report clarifies AI’s impact on cyberattack trends, particularly its use in planning, reconnaissance, creating fraudulent content, and automating malware generation.
In analyzed cases of Advanced Persistent Threats (APTs), VCS experts found that groups like SweetSpecter, CyberAv3ngers, and Lazarus use AI to automate reconnaissance and vulnerability exploitation. This significantly boosts the success rate of their attacks.
AI also drives the growth of Malware-as-a-Service (MaaS), lowering the technical barrier for less-skilled attackers. MaaS platforms allow non-experts to purchase full attack packages for as little as a few dozen USD. “One of the most alarming developments is AI-powered polymorphic malware, which continuously alters its code structure while maintaining its core function,” warns a VCS expert. “AI enables these malwares to generate new, smarter variants more effectively than ever.”
As a leading cybersecurity service provider in Vietnam, Viettel Cyber Security offers recommendations for organizations and businesses to build a multi-layered defense strategy, combining smart monitoring technology and human training.
Given the sophistication of cyberattacks, organizations must shift from reactive to proactive defense. They should maintain 24/7 monitoring and response, adopt Threat Intelligence platforms for early intrusion detection, and collaborate with cybersecurity providers for better threat awareness and incident response.
Experts also advise managing supply chain risks by ensuring partners and contractors comply with cybersecurity standards and include clear security clauses in contracts. Regular system audits, timely patching, periodic data backups, and advanced solutions like Zero Trust and External Attack Surface Management are essential.
“Ultimately, human factors remain the most critical defense line. Building a security-first culture, raising awareness, and implementing least-privilege access control significantly reduce insider risks,” recommends a VCS expert.
Thousands Frustrated as Week-Long Efforts Fail to Submit Social Housing Applications Online
Struggling to secure a NOXH online application for Rice Long Châu, a determined couple took turns requesting leave from work, meticulously planning shifts to ensure one of them could submit their application. Despite their relentless efforts, success remained elusive. The developer’s daily cap of 70 online submissions has left thousands of hopeful applicants in limbo, unable to finalize their registration.
State Audit Office Tightens Cybersecurity as Vietnam Ranks Among Top 10 Most Cyber-Attacked Nations Globally
On the afternoon of September 23rd, at the headquarters of the State Audit Office of Vietnam (SAO), Deputy Auditor General Bùi Quốc Dũng chaired the Cybersecurity Drill Conference on the State Audit Office’s Information System. The event was jointly organized by the Information Technology Department of SAO, in collaboration with Viettel Cyber Security Company and NGS Equipment and Communication Joint Stock Company.
Avoid Unnecessary Losses When Using e-Wallets
The digital wallet landscape is evolving, with over 20 e-wallet apps now available, according to the National Competition Committee. When choosing an e-wallet, it is crucial for users to ensure they are downloading from a trusted source to safeguard their digital finances.
The Art of the Scam: Uncovering the Tactics Used to Target Large Corporations
The Ho Chi Minh City Police warn the public to be vigilant against fraudsters using the images of prominent business leaders and entrepreneurs to scam unsuspecting victims. These scammers exploit the reputation and influence of well-known company directors and business owners to deceive and defraud innocent people. It is a despicable act that preys on the trust and admiration associated with these respected individuals.
Viettel Cyber Security Releases “Report on Information Security Threats in Vietnam” for the First Half of 2024
“Viettel Cyber Security (VCS) has released its ‘Report on Information Security Threats in Vietnam for the First Half of 2024’. The report offers an in-depth analysis and insights into the evolving landscape of information security threats facing organizations and businesses in the country. By highlighting key trends and providing essential recommendations, VCS aims to empower enterprises to proactively safeguard themselves against potential risks and vulnerabilities.”
