He noted that endpoint vulnerabilities are the Achilles' heel in many cyberattacks in Vietnam.

“In the Vietnam Airlines case, we only saw the tip of the iceberg – the ransomware, while no one thought that the hacker had infiltrated administrative computers three years earlier, silently collecting data and waiting for the right moment to strike.” Quang said at the National Cybersecurity Association (NCA) mid-2025 review conference on July 15.

Endpoints, often personal computers of users with high access privileges, are the most vulnerable yet least prioritized in system security strategies.

Similar issues recurred in other incidents, such as the VNDirect case, where hackers didn’t directly attack the central system but infiltrated user computers, exploited access credentials, and escalated privileges to control IT infrastructure.

This is a common tactic of organized cyberespionage groups, especially foreign ones, to avoid detection and maintain a long-term presence in systems.

Quang said modern cybercriminals don’t require complex techniques and can install hidden software in endpoint crevices, which is enough to control entire systems.

Vietnam has mastered antivirus and endpoint monitoring technology, becoming one of 14 countries globally that have this capability.

However, Quang noted that implementation falls short. “The Prime Minister has issued directives requiring state agencies to use domestic security products for endpoints, but many ministries have not responded or complied adequately.”

BKAV has developed endpoint security systems connected to global virus monitoring networks, exchanging millions of virus samples daily, with integrated behavior analysis and early threat detection.

However, for these products to be effective, policies, inter-agency coordination and widespread implementation are needed.

From domestic defense to exporting digital weapons

Beyond warnings, Quang proposed “an Endpoint Security Alliance, led by the Ministry of Public Security and technology associations, with participation from security firms, research organizations, and major users.”

This alliance would set national endpoint protection standards, promote commercialization of domestic security products, connect to international early-warning networks, and aim to export cybersecurity software as high-tech weapons.

“With standardized systems, Vietnam can supply security monitoring software to developing countries and cross-border organizations, gradually building a Made in Vietnam cybersecurity brand.”

He likened modern cybersecurity to a “battle in the upper layers,” where drones or artillery are merely final tools. 

“Today’s global wars don’t rely solely on weapons; most intelligence and operational plans come from the digital battlefield. Vietnam must prepare for this. We don’t just need defense but can export cybersecurity technology as a strategic weapon. Vietnam has the capability to secure systems and provide services globally,” Quang said.

Thai Khang