These are standout figures in the Vietnam Cybersecurity Threat Landscape Report for Q3/2025 just released by Viettel Cyber Security (VCS). The 55-page report, built on the Viettel Threat Intelligence platform, a real-time threat monitoring, analysis, and warning system, shows cybercrime surging at an unprecedented rate.

Cyberattacks explode 

VCS reported that cyberattacks still revolve around long-standing issues. However, Q3/2025 saw a sharp surge in both scale and impact, highlighting the severity amid data becoming an increasingly valuable resource.

Vietnam recorded over 502 million leaked enterprise data records. Stolen personal accounts reached 6.5 million, up 64 percent from the previous quarter. Finance-banking, energy, and critical infrastructure sectors suffered most, with hundreds of millions of compromised records.

VCS proprietary data showed that online scams continued rising sharply, with nearly 4,000 phishing domains and 877 fake brand websites detected, up 325 percent and 264 percent, respectively, from 2024. These campaigns mainly impersonated banks, government agencies, or e-commerce brands, distributing SMS and emails with fake links to steal financial info, accounts, and OTPs.

Cyberattacks targeted not only users but also major critical systems. Notably, alongside a major banking customer database being sold, VCS recorded 17 incidents with over 195 million leaked records. In consumer-personal services, 62 incidents with 177 million records (equivalent to 2.43 GB) were detected.

Among causes, a new factor emerged: severe incidents came from exploiting vulnerabilities in end-of-life products.

Additionally, distributed denial-of-service (DDoS) attacks increased in frequency and intensity. Viettel AntiDDoS system recorded over 547,000 attacks in the quarter, double the same period last year. 

September 2025 saw a surge, nearly 4 times the monthly average. The most common form was carpet bombing - simultaneously targeting entire IP ranges to generate massive traffic, paralyzing systems despite average load per IP.

AI shapes new generation of cyberattacks

AI impacts every sector, and cybersecurity is no exception. In some advanced persistent threat (APT) cases, Viettel Cyber Security experts assessed AI was used to automate reconnaissance and vulnerability exploitation, significantly raising attack success rates.

AI also drives Malware-as-a-Service (MaaS) growth, lowering technical barriers so low-skilled individuals can launch attacks. MaaS platforms exploded, allowing non-experts to buy full attack packages for just tens of USD. “One of the most concerning developments is AI-supported polymorphic malware,” VCS experts warned. 

AI enables this malware not only to change structure but also to intelligently generate new variants more sophisticated than ever.

Accordingly, amid increasingly sophisticated attacks, organizations and enterprises have been advised to shift from reactive to proactive defense, applying Threat Intelligence platforms to detect early signs of intrusion, data encryption attacks, or APT campaigns. Collaborating and sharing information with cybersecurity service providers also enhances early warning and incident response capabilities.

Thai Khang