Kaspersky's report shows that most cyber attacks in Vietnam focus on exploiting common vulnerabilities in Microsoft Office software such as CVE-2018-0802, CVE-2017-11882 and CVE-2017-0199. These are vulnerabilities that were discovered a long time ago but have not been patched by many organizations in time, making it easy for hackers to penetrate the system.
Kaspersky representative commented: "The fact that vulnerabilities from many years ago are still being exploited shows that many organizations do not strictly follow the patch management process."
Old Vulnerabilities, New Risks: Vietnam Ranks Second in Southeast Asia in Number of Cyber Attacks
In the second quarter of 2025, global attacks continued to focus on the Equation Editor component - a long-standing mathematical formula processing tool in Microsoft Office. The fact that agencies and businesses, despite knowing the risks, have not acted promptly, makes the risk of exploitation increasingly greater.
The report also stated that APT (Advanced Persistent Threat) groups do not only stop at attacking office software but also expand their targets to low-code/no-code development platforms and artificial intelligence (AI) applications - a field that is widely used by many businesses but lacks adequate defense measures.
In that context, cybersecurity experts warn that both businesses and government agencies need to strengthen their cyber defense capabilities in a more proactive manner. This includes regularly reviewing and promptly patching vulnerabilities in software, especially Microsoft products; maintaining a 24/7 monitoring system that combines multi-layered defenses; and deploying solutions to detect and prevent malware such as anti-malware or IDS/IPS.
In addition to technical factors, staff training on information security also needs to be focused on, helping them to recognize early and respond effectively to new attack tactics (TTPs) of cybercriminals.
Experts say this is no longer a purely technical issue but has become a vital factor in the operational and development strategy of each organization. The fact that Vietnam ranks second in the region in terms of the number of security vulnerabilities is a clear warning of the urgent need to strengthen digital defense systems, increase investment in security and build a systematic incident response process, in order to minimize damage and improve national cybersecurity autonomy.
Source: https://doanhnghiepvn.vn/cong-nghe/hon-300-000-vu-khai-thac-lo-hong-phan-mem-viet-nam-doi-mat-nguy-co-an-ninh-mang-gia-tang/20251018063137455
Comment (0)