The Check Point® Software report by found over 3,500 weekly cyber attacks per organisation, with rising data extortion and AI-powered deception targeting critical sectors.
Cyber security solutions Check Point® Software Technologies Ltd. released its State of Cyber Security, Southeast Asia 2025 report, uncovering an unprecedented escalation in cyber threats across the region.
Organisations are now facing an average of 3,513 attacks per week — nearly double the global figure of 1,916 — as threat actors increasingly leverage artificial intelligence, misinformation, and data extortion-first (DXF) tactics.
Indonesia and Vietnam were among the hardest hit, with attack volumes significantly exceeding the regional average. The findings underscore Southeast Asia’s growing prominence as a prime target for sophisticated cybercriminal networks.
“Today, cybercriminals are no longer working in isolation. We are seeing well-organised ecosystems collaborating to exploit the gaps between systems, processes, and even regulations,” said Teong Eng Guan, Regional Director for Southeast Asia & Korea at Check Point Software Technologies. “Effective defence demands consolidated, proactive, and intelligence-driven cyber security strategies.”
Escalating Regional Threats
Indonesia recorded an alarming 6,640 weekly attacks per organisation, nearly double the Southeast Asian average. Botnet and ransomware incidents were significantly higher, accounting for 23.8% and 16.1% of total attacks, respectively. Vietnam saw an average of 5,727 weekly attacks, with government and military institutions experiencing more than 18,000 weekly incidents.
Singapore continues to face highly customised and persistent threats. Its healthcare sector averaged 5,770 weekly attacks, while government entities faced 5,142. In Thailand, utilities and public services were among the top targets, with 3,457 weekly attacks on utilities alone.
Across the region, the most affected sectors include government, healthcare, and finance, which are industries that are becoming increasingly reliant on legacy systems and complex identity management frameworks that attackers can exploit.
Emerging Threat Trends
The report identified three dominant trends shaping the region’s cyber threat landscape:
1. AI-Powered Deception – Threat actors are deploying artificial intelligence to generate convincing phishing campaigns, deepfakes, and synthetic voice attacks, bypassing traditional verification methods and eroding public trust.
2. Credential and Information Theft – Info-stealers are emerging as silent enablers of larger attacks, laying the groundwork for ransomware and supply chain compromises. Small and medium-sized businesses with limited cyber resilience are especially vulnerable.
3. Data Extortion-First (DXF) Ransomware – Rather than encrypting systems, attackers are stealing data and threatening public disclosure to extract payments. This trend is hitting healthcare, education, and government institutions hardest, where personal data and reputational risks are high.
“As digitalisation surges across Southeast Asia, cybersecurity must move beyond simple compliance,” Teong added. “It is about defending the confidence that underpins digital growth. Cyber security is no longer just an IT issue — it is a strategic business imperative.”
Stay updated on the crypto space by following our socials
