Last month, Vietnamese broker VNDirect Cyber Systems shut down its securities trading systems and disconnected from the country’s two stock exchanges after a ransomware attack that encrypted critical data. VNDirect remained offline to recover until eight days later, when the Ho Chi Minh and Hanoi stock exchanges allowed him to resume activity on April 1st.
VNDirect Cyber Systems is just the latest Vietnamese company whose operations have been severely affected interrupted by a cyber attack.
In 2023, nearly 14,000 organizations across Vietnam suffered a cyber attack, a 10% increase from the previous year, according to the country’s National Cyber Security Center (NCSC). While the estimated damages caused by malicious software fell for the second consecutive year to VND17.3 trillion, or about $690 million, a number of other cybersecurity metrics continue to worsen, according to regional experts.
Overall, the country’s economic picture is constantly changing. And that has led to an increase in cybercrime, says Ngoc Bui, a cybersecurity expert at Menlo Security, a provider of secure enterprise browser technology.
“Economic conditions, particularly in regions with limited job opportunities and low wages for highly skilled roles, can push people to engage in cybercrime,” he says. “This trend, fueled by the allure of the rewards of cybercrime and digital anonymity, highlights the need to create legitimate tech jobs to spur economic growth and combat cybercrime.”
Vietnam is one of Asia’s fastest growing economies and makes the most of its connections with both China and the United States. The country’s digital economy is expected to surpass $43 billion by 2025, partly due to its focus on technology, including e-government initiatives, smart cities and artificial intelligence, according to the consulting giant PricewaterhouseCoopers. As a result, in mid-March, a delegation of nearly 60 US companies – including giants like Meta and Boeing – visited the country to look for investment opportunities.
Cracked software, junk bank accounts
The success has brought rapid and significant technology adoption cybercrime.
According to regional cybersecurity firm Bkav Technology Group, nearly 750,000 systems were attacked by credential-stealing malware in 2023, a 40% increase from the previous year. Online financial fraud has taken off because of a country-specific problem: bank account owners selling access to unused accounts. These so-called “junk accounts” make it difficult to do so track cyber criminals following the money, says Nguyen Van Cuong, director of cybersecurity at Bkav.
“Many people simply think that selling accounts they don’t use won’t be a problem,” he said in a statement. “But in reality the bad guys took advantage of these bank accounts to carry out illegal transactions, hiding their origin, putting investigative agencies in difficulty.”
Pirated or cracked software is another big problem. 53% of computers are believed to use pirated software, according to Bkav.
Although the government has issued decrees to increase cybersecurity awareness, citizens continue to participate in these risky digital behaviors, such as junk bank accounts and the use of cracked software, says threat intelligence research analyst Sarah Jones computer science at Critical Start.
“Vietnam’s rapid digital growth creates a larger target for cybercriminals, and the lack of cybersecurity awareness among users makes them more vulnerable,” he says. “The widespread use of cracked software further exposes individuals and organizations to malware and exploitable weaknesses.”
Countering cybercrime
Vietnam’s ruling Communist Party has strived to keep pace with cybercrime, issuing a series of directives to strengthen laws on cybercrime prevention and investigation in 2021, and launched efforts to raise awareness in 2020 public information security. Another directive, passed in 2019, required public sector organizations to spend at least 10% of their IT budget on cybersecurity. The sustained efforts strengthened Vietnam’s position the global cybersecurity index ranked 25th out of 194 countries in the 2020 report (the latest available), up from 100th in 2017.
The country is already working with the United Nations Office on Drugs and Crime (UNODC) to strengthen the technical skills of law enforcement agencies to combat money laundering and other crimes.
However, divisions within the country are also driving the creation of dark platforms to escape growing government surveillance and internet censorship. A military group made up of thousands of service members, known as Force 47, monitors communications and manages censorship in accordance with government mandates, but has also led to the creation of several anonymity-as-a-service groups.
Such efforts will likely result in dark markets and stronger platforms like VietCredCare and DarkGate, both created by local APT groups like Ocean lotus and Lotus Bane, says Ken Dunham, director of cyber threats at Qualys Threat Research Group.
“The threat landscape in Vietnam is complicated with APT groups targeting companies for the benefit of the country, [as well as] Censorship, monitoring and blocking of Internet content by the Force 47 group,” he says.
The next two years will be uncertain for Vietnam in many ways.
The Communist Party’s leadership is expected to change by 2026, and economists question whether the country can continue to make strong economic gains. Both uncertainties could generate more cybercrime in the future.