The number of exploits targeting organisations in Southeast Asia. — Infographic of Kaspersky

HCM CITY — Existing vulnerabilities in Vietnamese businesses’ corporate networks continue to leave many exposed to cyberattacks, according to global cybersecurity and privacy company Kaspersky.

Its enterprise solutions blocked over 301,880 exploits targeting organisations in Việt Nam between January and June 2025, equivalent to 1,600 a day.

Exploits are a type of malicious programme designed to take advantage of bugs or vulnerabilities in software or operating systems to gain unauthorised access.

When left unpatched, these weak points serve as open doors for cybercriminals.

Among Southeast Asian countries, Indonesia recorded the highest number of exploits (524,657), followed by Việt Nam (301,880), Malaysia (190,556), Thailand (88,966), the Philippines (50,895), and Singapore (38,719).

Globally, most exploits in the second quarter of 2025 targeted unpatched Microsoft Office products. Kaspersky identified three particularly common vulnerabilities: CVE-2018-0802 and CVE-2017-11882, both remote code execution flaws in the Equation Editor component, and CVE-2017-0199, a vulnerability in Microsoft Office and WordPad allowing attackers to gain control over a system.

Adrian Hia, managing director for Asia Pacific at Kaspersky, said: “Việt Nam is indeed a rapidly developing country. SMEs and large organisations are thriving and adopting tools to optimise workflows and enhance operational efficiency. However, this convenience comes with challenges. The more widely used these tools become, the more likely attackers will exploit the vulnerabilities from these tools.

“This is an appropriate time for corporations to integrate cybersecurity into corporate culture, so that it can minimise potential risks before attackers gain access to their networks.”

In the case of web threats, in the first six months of the year organisations in Thailand faced 2.52 million of them, the highest in Southeast Asia.

Malaysia and Indonesia followed closely, and Việt Nam was lower in the list with 1.17 million.

Web threats are malware programmes that target users on the internet.

Though not limited to online activity, they ultimately involve the internet at some stage for causing harm.

To strengthen defences, Kaspersky that businesses should investigate vulnerability exploits exclusively within secure virtual environments, ensure 24/7 infrastructure monitoring with strong perimeter defences, maintain a robust patch management process by promptly installing security updates, deploy reliable endpoint protection with incident response capabilities, employee training and updated threat databases, and use Threat Intelligence to stay informed about attackers’ latest tactics and techniques. — VNS