Data theft attacks explode: Barrier to digital economic development

Data theft attacks are not only a barrier to digital economic development, but also a direct threat to the global economy.

Since the beginning of 2025, many high-profile personal data breaches have been recorded, such as the customer care center of partner airline Qantas being hacked, exposing data of nearly 6 million customers.

Recent figures show that the scale and cost have gone beyond normal losses. In late April 2025, Marks & Spencer (M&S) suffered a system breach, affecting services such as online ordering, warehouse systems, and distribution, while customer data was exposed. The incident cost the British retailer about $400 million in losses in the 2025-2026 financial year.

A report by the non-profit Identity Theft Resource Center and IBM shows that in 2024, the world recorded more than 3,100 data breaches, with an average loss per incident of about $4.88 million. This number is forecast to continue to increase, possibly reaching $5.3 million this year without better control measures.

Notably, Statista (a German online platform specializing in data collection and visualization) said that the total damage from cybercrime could reach 10,000 billion USD per year, if all costs from data loss, business interruption, system recovery, loss of reputation... are calculated.

Beyond the single loss for individual companies, cybercrime damages supply chains, disrupts public services and disrupts markets. Attacks of the scale of WannaCry and NotPetya (2017) have become typical examples. WannaCry infected hundreds of thousands of computers in more than 150 countries, causing billions of dollars in losses; NotPetya, which targeted systems mainly in Ukraine, is estimated to have cost the global economy more than $10 billion.

Similarly, the SolarWinds incident (2020) exposed vulnerabilities in the software supply chain, affecting thousands of customers and government agencies; the Colonial Pipeline attack (2021) forced the largest fuel pipeline system on the US East Coast to halt, disrupting gas prices and supplies; global food suppliers such as JBS also had to suspend production and accept ransom payments to restore operations. These incidents not only caused direct losses (extortion costs, remediation costs), but also entailed large indirect costs, especially loss of customer trust and legal risks.

In terms of overall economic scale, Cybersecurity Ventures (a research and media organization specializing in cybersecurity) estimates that the global cost of cybercrime could reach trillions of dollars per year over the next decade. But official figures only reflect the tip of the iceberg, as many organizations do not report or conceal the damage. This leads to a double consequence: Significantly increased cybersecurity costs for businesses (defensive investments, risk insurance) and inertia in digital transformation due to concerns about security risks.

Experts say there are four main reasons why cybercrime is on the rise. First is the huge economic value of data and systems. Second is the high-profitability of organized crime, where a successful attack can bring in millions of dollars. Third is the vulnerability in the software supply chain, weak configurations, and lax access control. Fourth is the development of technology that allows for increasingly sophisticated remote attacks and extortion techniques. Reports also note an increase in attacks targeting cloud services, managed service providers (MSPs) and critical infrastructure, meaning the risk is becoming more systemic.

To cope, it is important that the response be multi-pronged: Strengthening the legal framework for mandatory incident reporting, setting minimum security standards, encouraging the sharing of threat intelligence between businesses and public authorities; and stepping up investment in detection and response capabilities, impenetrable backups, multi-factor authentication, vulnerability patch management, and software supply chain controls.

Many countries have established regulations requiring entities to report incidents within short timeframes; implemented international cooperation to track and disrupt criminal networks, seized assets... creating some deterrent effects.

In general, risks in the digital space are no longer a technological issue but have become macroeconomic risks. To respond effectively, policy intervention is indispensable, along with the responsibility and investment of the private sector. If neglected, risks from data theft and cyber attacks will erode the benefits of digital transformation, reduce investment incentives and threaten financial security with long-term consequences, deeply affecting economic and social security.

(According to Statista, IBM, Neowin)

Source: https://hanoimoi.vn/tan-cong-danh-cap-du-lieu-bung-no-rao-can-phat-trien-kinh-te-so-715925.html