Hanoi (VNA) - Cybersecurity is expected to remain a significant challenge for Vietnam in 2025, as the rapid development of technology and the expansion of the digital economy continue to heighten the risk of cyberattacks.
Against the backdrop of a robust digital transformation, 2025 is anticipated to mark the widespread adoption of artificial intelligence (AI) in Vietnam’s cybersecurity sector. Experts predict that while AI will play a critical role in protecting information systems, cybercriminals are also likely to exploit it to carry out more sophisticated attacks.
The massive losses of 18.9 trillion VND (740 million USD) caused by online scams in 2024 serve as a motivation for cybercriminals to continue targeting users. As cyberattacks become increasingly professionalised, the methods employed by hackers are evolving, posing new challenges for individuals, businesses, and the government.
According to Vu Ngoc Son, head of the Technology Department at the National Cybersecurity Association and Chief Technology Officer of the National Cybersecurity Technology Company (NCS), modern cyberattacks are often carried out by professional groups that operate like organized companies. Traditional cyberattacks, such as data theft or ransomware, remain profitable. However, newer forms of attacks are being developed as long-term investments to expand the scope of cybercrime.

The National Cybersecurity Association’s report highlights that traditional cyberattack methods will continue to dominate, but hackers are also shifting their focus to emerging systems like automation guided vehicles and drones. By targeting centralized management or remote control systems, hackers could seize control of these technologies, leading to not only financial losses but also potential public safety disasters.
Son identified two primary cybersecurity threats that users may face in 2025, including phishing scams, spyware, and data theft.
Phishing tactics are more sophisticated and varied. While some scams will employ advanced techniques, others will rely on simple yet effective methods that exploit human psychology, lack of awareness, and greed. As long as users remain unaware and fail to recognize unrealistic or enticing online offers, phishing scams will persist.
The digital transformation will lead to users installing numerous applications on their devices, increasing the risk of malicious software infiltrating downloaded applications. Spyware can monitor and steal sensitive information, while security vulnerabilities in rapidly developed software provide hackers with opportunities to remotely control devices.
The rise of advanced technologies like AI and Deepfake will make cyberattacks even more unpredictable. Hackers can use Deepfake to create fake videos or voice recordings to deceive users or launch large-scale social engineering campaigns. AI can also be used to generate malware more quickly and efficiently, bypassing security systems and antivirus software.
High-speed internet technologies like Wi-Fi and 5G will further enable hackers to monitor and steal data in near real-time, leaving victims unaware of breaches until it is too late.
To combat cyberattacks and online scams, the National Cybersecurity Association has urged the government, businesses, and individuals to proactively enhance their security capabilities, adopt advanced technological solutions, and strictly comply with legal regulations on information protection.
To enhance cybersecurity, organisations are encouraged to regularly update their software and systems while implementing basic security measures such as firewalls and antivirus software. Maintaining data backups is considered essential, and advanced solutions like Security Operations Centers (SOC) and Endpoint Detection and Response (EDR) are often recommended to strengthen security frameworks.
Raising awareness among employees is seen as a critical step, with regular training sessions—ideally conducted once or twice a year—helping staff recognize threats such as phishing, ransomware, and Advanced Persistent Threats (APT). Additionally, cybersecurity drills may be conducted periodically to improve an organization’s ability to respond to potential incidents.
The implementation of strict security policies, including access management and multi-factor authentication (MFA), is widely regarded as a best practice. Organizations may also benefit from collaborating with cybersecurity alliances to leverage national resources. In cases where expertise is lacking, engaging specialized cybersecurity firms can help bridge the gap.
For individual users, ensuring the security of personal devices involves installing and regularly updating antivirus and security applications. The use of strong passwords, incorporating uppercase and lowercase letters, numbers, and special characters, is strongly advised, with multi-factor authentication recommended for critical accounts such as banking, email, and social media.
Caution is also advised when handling online links, particularly those received through unsolicited emails or messages. Users are encouraged to download applications only from official sources like the App Store, Google Play, or providers’ official websites. Public Wi-Fi networks should be avoided for sensitive activities such as financial transactions or logging into important accounts.

Keeping up with the latest cybersecurity threats can help individuals stay protected, with alerts from reputable organizations, including the National Cybersecurity Association, the Ministry of Public Security, and financial institutions, serving as valuable resources. Additionally, users are advised to exercise caution when sharing personal or financial information, particularly in response to unclear or unexpected requests.
As Vietnam continues its digital transformation, the cybersecurity landscape in 2025 will be shaped by both technological advancements and the evolving tactics of cybercriminals. By adopting proactive measures and fostering collaboration among stakeholders, the country can build a robust digital shield to protect its citizens, businesses, and critical infrastructure from the growing threat of cyberattacks./.