Vietnam Post
The Central Post Office in Ho Chi Minh City. Credit: Steffen Schmitz / WikiMedia Commons

Vietnam’s state postal service claims to restore its systems after cyberattack

The Vietnamese government-owned postal service has restored operation of its services after they were down for several days due to a cyberattack.

Vietnam Post was reportedly hit by ransomware on June 4, affecting the operation of its postal and delivery services. At the time, the company reported that its financial, administrative, and goods distribution services were unaffected by the attack.

Local media reported Vietnam Post worked with government agencies and local cyber experts to contain the incident, safeguard customers' data, and restore its systems. 

Upon discovering the incident, it contacted the country’s security authorities and disconnected its IT system to isolate the breach.

Vietnam Post hasn’t disclosed who they believe is behind the attacks or if the hackers demanded a ransom.

This is not the first time the postal service has experienced a digital intrusion. Last November, researchers discovered the company left its security logs and employee email addresses accessible to external users.

The researchers also spotted Vietnam Post’s open Kibana visualization dashboard used for data search and analytics. At the time of discovery, the data contained 226 million logged events, amounting to 1.2 terabytes of data, which was being updated in real time. The data was left accessible for at least 87 days, making the company vulnerable to cyber threats.

According to local security officials, Vietnam has seen an uptick in cyberattacks, especially those involving ransomware. Last year, the country recorded more than 13,900 cyber incidents — almost a 10% increase year-on-year, Vietnam’s National Cyber Security Centre (NCSC) said.

The hackers mainly target government agencies, banking services, financial institutions, and industrial systems. Since late March, Vietnam has experienced at least three large-scale data encryption attacks targeting major companies, including VnDirect — one of its largest securities brokers, gasoline retailer PVOil, and a local telecommunications service provider.

In April, the country’s prime minister issued a directive requesting ministries and local government agencies to review and assess the current cybersecurity situation.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Daryna Antoniuk

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.