$9.5 trillion lost due to global cyber attacks

Global cyber attacks are on the rise

By 2024, the world will record a cyber security loss of up to $9.5 trillion, according to a report by Cybersecurity Ventures. In the first 6 months of 2025, the blockchain sector continues to be the main target, with a total estimated loss of $2.17 billion and 657 attacks since 2020.

By 2024, the world will record cyber security losses of up to 9.5 trillion USD. (Source: iStock)

James T. – an expert at Chainalysis commented: “Blockchain platforms lack centralized oversight, becoming attractive targets for hackers.”

Some common forms of cyberattacks are causing serious consequences for both businesses and individuals. Ransomware is a type of malware designed to encrypt all data, making it inaccessible to users unless they pay a ransom to hackers.

In addition, phishing and BEC (Business Email Compromise) are sophisticated fraud techniques, often through emails impersonating reputable organizations to steal account information or appropriate financial assets of businesses.

No less dangerous, DDoS (Distributed Denial-of-Service) is a form of denial of service attack, in which hackers use botnets to create a huge amount of virtual traffic, causing the system to overload and become unable to operate normally.

In the blockchain space alone, smart contract attacks are becoming more common. A typical example is the $1.5 billion hack of the Bybit exchange, which shocked the global fintech community and exposed vulnerabilities in the security mechanisms of decentralized protocols.

Vietnam steps up defenses against growing cyber threats

According to data from the National Cyber Security Center (NCSC), Vietnam is struggling to cope with cyber attacks that are increasing in both number and scale. In 2024 alone, the country recorded losses of up to VND18,900 billion due to online fraud. At the same time, there were up to 659,000 cyber attacks on the systems of agencies and businesses, leading to information leaks from 14.5 million user accounts.

At the same time, Vietnam has faced a sharp increase in ransomware — a type of malware that encrypted 10TB of data, causing many organizations to stall operations. In parallel, more than 924,000 DDoS attacks have overloaded the network system, and over 4,000 fake domains have been discovered, most of which are used for fraud and asset appropriation.

The first half of 2025 continues to see new, more sophisticated forms of attack, especially thanks to the application of artificial intelligence (AI). Deepfake and voicefake are being exploited to fake the voices and images of loved ones to commit fraud via social networks. At the same time, forms of quishing — using fake QR codes in public places — have caused many people to lose money.

Common types of network viruses in Vietnam. (Source: BKAV)

According to cybersecurity experts, the main reason for the huge losses is the lack of specialized personnel in the field of cybersecurity, along with the fact that many organizations have not invested in a systematic monitoring system (SOC). Notably, people do not have full awareness of personal data protection, making them easy victims.

Mr. Ngo Minh Hieu (Hieu PC) - Cybersecurity expert - commented: "Cybercriminals in Vietnam are moving to more sophisticated forms of fraud, such as impersonating relatives through deepfake and voicefake. Users need to be trained in risk identification skills, not just relying on protection software."

Response: Action needed from the root

To effectively deal with the increasingly sophisticated threat of cyber attacks, domestic and foreign experts emphasize the importance of building sustainable defense capabilities.

First of all, training a cybersecurity team according to international standards is the core foundation. Mr. Kevin Mitnick - cybersecurity expert, author of the book "The Art of Invisibility" - assessed: "The biggest threat to cybersecurity is not technology - but people. We need to educate users and build a security culture."

Data protection is not just about technology, it is about responsibility. (Illustration photo)

Applying artificial intelligence (AI) to monitor and analyze unusual intrusion behavior is an important step forward, but also requires strict control.

“AI is being used by hackers to create sophisticated deepfakes and phishing attacks. But AI is also a powerful tool for detecting anomalous behavior – if trained and deployed properly,” warns Mikko Hypponen, a cybersecurity expert at WithSecure.

Establishing a rapid incident response process is critical to minimizing cyber security losses. According to industry reports, if an incident is handled in a timely manner, losses can be reduced by up to 70%.

For businesses, it is necessary to proactively model risk scenarios and organize regular drills to improve response capabilities. Establishing an internal incident response team and establishing an effective coordination mechanism with specialized agencies are necessary steps to ensure information security.

In addition, raising public awareness through warning communications is a fundamental solution, helping people and businesses identify risks, prevent them early, and contribute to building a safer digital ecosystem.