Ảnh Kaspersky 1 Kaspersky Unpatched systems expose Vietnam businesses to exploits.JPG
Vietnam ranks second in Southeast Asia for exploit attacks in the first half of 2025. Photo: Kaspersky

In just six months, Kaspersky’s security systems blocked more than 301,880 exploit attempts targeting Vietnamese enterprises — averaging around 1,600 attacks per day.

This figure places Vietnam just behind Indonesia, which recorded 524,657 such incidents.

Kaspersky experts noted that exploit attacks typically take advantage of vulnerabilities in unpatched software, operating systems, or applications.

Once breached, attackers can take control of corporate data, systems, and resources.

In Q2 2025, Microsoft Office and Windows products remained the most common targets for attackers.

The three most exploited vulnerabilities were CVE-2018-0802 and CVE-2017-11882 — both remote code execution flaws in Equation Editor — and CVE-2017-0199, a vulnerability in Office and WordPad that allows full system control.

The report also highlighted a new trend: cybercriminals increasingly exploiting low-code/no-code (LCNC) platforms and AI frameworks, which are being widely adopted by businesses to streamline operations.

Low-code/no-code platforms allow users to build applications through drag-and-drop interfaces, without traditional programming skills.

Both non-technical users and professional IT teams can quickly create websites and mobile apps using pre-designed templates and visual tools.

Adrian Hia, Managing Director for Asia-Pacific at Kaspersky, observed that both small and medium-sized enterprises (SMEs) and large corporations are aggressively adopting such technologies to enhance productivity and efficiency.

However, “the more businesses adopt these tools, the greater the risk of hackers exploiting their vulnerabilities,” he warned.

To mitigate risks, Hia advised companies to build a strong internal cybersecurity culture that proactively addresses threats before becoming a victim.

In the same period, Kaspersky's security solutions in Vietnam also blocked 2.29 million online threats — a 13.7% increase compared to the same period in 2024.

Though lower than Thailand (2.52 million) and Malaysia (1.7 million), the rising trend suggests that Vietnamese enterprises are becoming more frequent targets of cybercriminals across the region.

Online threats are malicious programs capable of attacking users while they browse the internet.

Kaspersky recommends businesses perform vulnerability testing in secure virtual environments rather than on live systems, monitor networks 24/7, and regularly update cybersecurity software to maintain a robust patching cycle.

Du Lam