On June 13th, Vietnamese President To Lam met with United States Ambassador Marc E. Knapper and proposed to enhance the national cooperation in anti-terrorism, transnational crime, and cybersecurity.
Two days earlier, on June 11th, President To Lam met with Chinese Ambassador Xiong Bo. The President urged China to “respect each other’s legitimate rights” at sea. This appeal followed the presence of a Chinese navy survey ship in Vietnam’s exclusive economic zone (EEZ) for nearly a month. At times, the survey ship was accompanied by at least a dozen other vessels. Despite Vietnam’s Ministry of Foreign Affairs demanding the immediate removal of these ships in May, China did not comply until June.
The proposal for expanded security cooperation with the U.S. aligns with Vietnam’s Bamboo Diplomacy, which seeks to balance relations with major powers while safeguarding sovereignty, akin to bamboo bending with the wind but not breaking. Notably, Russian President Vladimir Putin is scheduled to visit Vietnam on June 19th and 20th. These diplomatic engagements highlight broader geopolitical dynamics.
Given these circumstances, Vietnam faces significant cybersecurity challenges. According to the Ministry of Public Security, Vietnam recorded 13,900 cyberattacks in 2023, resulting in damages exceeding 390,000 billion VND. In April 2024, Pham Thai Son, the Deputy Director of the National Cyber Security Monitoring Center (NCSC) in Vietnam, reported approximately 13,000 ransomware attacks in the first quarter of 2024 alone, marking a stark increase from the previous year. Viettel Cyber Security, a company under Vietnam’s Ministry of National Defense, identified LockBit malware as the most prevalent malicious code.
Moreover, a newspaper under Vietnam’s Ministry of Information and Communications reported a significant increase in cyberattacks targeting Vietnamese medical facilities over the past year. Some of these attacks have disrupted healthcare services for patients.
For instance, An Giang Provincial Central General Hospital fell victim to a cyberattack that encrypted its data at the end of 2023. Additionally, earlier in the year, a major hospital in Ho Chi Minh City was targeted by ransomware, according to a local news outlet. Attackers used phishing emails to target employees, allowing the malware to infiltrate the hospital’s internal network. This resulted in significant operational disruptions, causing delays in treatment processes and impacting both patients and medical staff. In March 2024, the website used by Ho Chi Minh City Heart Hospital for issuing online medical examination numbers was targeted in a cyberattack, leading to further disruptions in healthcare services.
President To Lam’s proposal to enhance security cooperation with the United States underscores Vietnam’s proactive approach amidst complex global dynamics, reflecting the nation’s strategic balancing act to safeguard national interests. As cyberattacks escalate worldwide, it is evident that no country is immune to these threats. The imperative for cybersecurity collaboration is clear, requiring careful consideration of geopolitical complexities and ongoing international dynamics. By fostering dialogue and cooperation, nations can collectively address shared cybersecurity challenges while navigating the broader geopolitical landscape.
Related article: Vietnam lists Chinese hacker groups Mustang Panda, APT31 as espionage threats
Despite their shared communist ideology and recent efforts to enhance their bilateral relationship, Vietnam has identified Chinese hacker groups Mustang Panda and the advanced persistent threat (APT) actors APT31 as significant espionage threats for 2024.
The Vietnamese government, drawing on an analysis by Bkav, a top cybersecurity firm in Vietnam, has released a report highlighting key cybersecurity challenges and predictions for 2024. Bkav observed a significant rise in espionage-related cyberattacks targeting Vietnam in 2023, noting a 55% increase from the year before. These attacks impacted more than 280,000 computers and were attributed to several Chinese threat groups, notably Mustang Panda and APT31. The report points out that these attackers utilized malware tools like PlugX, CobaltStrike, and njRAT to exfiltrate data.
Mustang Panda, an infamous Chinese cyber threat group, has been active in targeting foreign entities and has been well-known to the cybersecurity community since at least 2012. This group has conducted cyberattacks against the governments of Myanmar, the Philippines, Indonesia, Australia, Taiwan, Japan, the United States, the United Kingdom, Estonia, Finland, Greece, Latvia, and Turkey, according to multiple cybersecurity researchers. Mustang Panda specializes in espionage, utilizing spear-phishing campaigns that leverage current events like COVID-19, the Russia-Ukraine conflict, international summits, and various other subjects to compromise their targets. READ MORE
