Table of Contents
INTERPOL cyber threat assessment for Asia and South Pacific reveals 6.5 billion cyber threats detected and mitigated across the region between January and December 2024. The INTERPOL 2025/2026 Asia and South Pacific Cyberthreat Assessment Report documents a dramatic increase in cybercrime driven by rapid digitalization, new technologies, and increasingly organized criminal networks.
Key Takeaway
- 🎯 6.5 billion cyber threats detected and mitigated across Asia and South Pacific in 2024: INTERPOL’s report draws on data from 18 member countries and private sector partners including TrendAI, documenting an unprecedented scale of cybercrime.
- 📊 The report covers 18 INTERPOL member countries across Asia and South Pacific: Including the Philippines, Indonesia, Singapore, Malaysia, Vietnam, and Thailand — the full ASEAN region.
- 💼 Cybercrime is driven by rapid digitalization, new technologies, and increasingly organized criminal networks: INTERPOL identifies AI-powered attacks, ransomware, and organized cybercrime syndicates as the primary threat vectors.
- 🔧 The report includes operational case studies and analysis of emerging cyber threats: INTERPOL combines threat intelligence from member countries with private sector data and real-world operational experience.
- ⏱️ 82.6% of phishing emails now contain AI-generated elements, and deepfakes are involved in 30%+ of high-impact impersonation attacks: AI has industrialized the attacker’s toolkit across the region.
The INTERPOL cyber threat assessment provides the most comprehensive picture of cybercrime across Asia and the South Pacific ever assembled. With 6.5 billion threats detected in a single year, the scale of the challenge is staggering — and the Philippines, as an INTERPOL member country, is directly affected by every trend the report documents.
INTERPOL‘s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report reveals a dramatic increase in cybercrime across the region. The INTERPOL cyber threat data was provided by TrendAI — one of several private sector partners working with INTERPOL’s cybercrime directorate — and draws on information from 18 INTERPOL member countries, private sector contributions, operational case studies, and analysis of emerging cyber threats.
For the Philippine cybersecurity landscape and the broader digital economy, this report matters because it contextualizes local threats within a regional pattern — and shows that no country in ASEAN is safe from the escalating cybercrime wave.
The INTERPOL Cyber Threat Numbers
| Metric | Figure | Source | Significance |
|---|---|---|---|
| Threats detected (2024) | 6.5 billion | INTERPOL / TrendAI | Across Asia and South Pacific |
| Member countries | 18 | INTERPOL | Full regional coverage |
| APAC attacks per org (2023) | 1,835 | NBR | 50% above global average (1,250) |
| AI-generated phishing | 82.6% | The Cyber Express | Of phishing emails now AI-generated |
| Deepfake impersonation | 30%+ | The Cyber Express | Of high-impact corporate attacks |
| Stolen from SEA actors | $64 billion | NBR | Estimated worldwide |
The Three Major INTERPOL Cyber Threat Vectors
| Threat Vector | What It Does | ASEAN Impact |
|---|---|---|
| State-sponsored APT groups | Espionage, trade intelligence theft, diplomatic communications interception | Singapore, Indonesia, Thailand, Vietnam most targeted; 20% increase in China-linked attacks |
| Ransomware groups | Financially motivated, indiscriminate targeting of weak defenses | Indonesia PDN attack; Philippine ransomware doubling |
| Organized cybercrime syndicates | AI-powered fraud, deepfakes, voice cloning, synthetic identities | Scam compounds in Myanmar, Cambodia, Laos; deepfake scams in PH |
The AI Weaponization Factor in INTERPOL Cyber Threat
The INTERPOL cyber threat assessment highlights a fundamental shift: AI has not just upgraded the attacker’s toolkit — it has industrialized it. The UNODC documented in September 2025 that organized crime groups across the region are rapidly adopting AI and automation:
| AI Attack Method | How It Works | Scale in 2026 |
|---|---|---|
| Deepfake video calls | AI-generated video impersonating government officials or executives | 30%+ of high-impact impersonation attacks |
| Voice cloning | AI clones voice of senior figures for phone-based fraud | Used in Filipino family scams |
| Synthetic identity fraud | AI creates fake identities combining real and fabricated data | Scaled fraud operations across ASEAN |
| AI-generated phishing | AI writes personalized phishing emails at scale | 82.6% of phishing emails now AI-generated |
| Automated malware distribution | AI automates malware creation and distribution | Speeds no human analyst can match |
The Indonesia PDN Attack: INTERPOL’s Defining Case Study
The INTERPOL report highlights Indonesia’s June 2024 National Data Centre (PDN) ransomware attack as the most consequential cybersecurity incident in Southeast Asian government history. The Brain Cipher variant of LockBit 3.0 encrypted critical government systems, disrupting immigration processing, student registration, and dozens of citizen services.
The lessons apply directly to the Philippines: no backups, no incident response playbooks, and fragmented policy coordination. Weeks after the attack, only 86 of 282 affected services had been restored. Indonesia’s President ordered an emergency audit, and the Minister of Communications resigned.
ASEAN Cybersecurity Preparedness Gap
| Country | National Cyber Agency | Preparedness Level |
|---|---|---|
| Singapore | Yes (CSA) | High — dedicated agency, strong regulation |
| Indonesia | Yes (BSSN) | Improving — post-PDN reforms |
| Malaysia | Yes (NACSA) | High — dedicated agency |
| Thailand | Yes | Moderate — dedicated agency |
| Vietnam | Yes | Moderate — dedicated agency |
| Brunei | Yes | Moderate — dedicated agency |
| Philippines | No (delegated across bodies) | Gap — cybersecurity across multiple uncoordinated bodies |
| Cambodia | No | Gap — delegated across bodies |
| Myanmar | No | Gap — delegated across bodies |
FAQ: INTERPOL Cyber Threat Assessment
What is the INTERPOL cyber threat assessment?
The INTERPOL 2025/2026 Asia and South Pacific Cyberthreat Assessment Report documents 6.5 billion cyber threats detected and mitigated across the region in 2024. It draws on data from 18 member countries and private sector partners including TrendAI.
How many cyber threats were detected in Asia and South Pacific?
More than 6.5 billion cyber threats were detected and mitigated between January and December 2024, according to data provided by TrendAI and INTERPOL’s cybercrime directorate.
Which countries are covered by the INTERPOL cyber threat report?
The report covers 18 INTERPOL member countries across Asia and the South Pacific, including the Philippines, Indonesia, Singapore, Malaysia, Vietnam, and Thailand — the full ASEAN region plus Pacific nations.
What are the main cyber threats identified by INTERPOL?
The three major threat vectors are: state-sponsored APT groups (espionage), ransomware groups (financially motivated), and organized cybercrime syndicates (AI-powered fraud, deepfakes, synthetic identities).
How is AI being used in cyberattacks according to INTERPOL?
AI has industrialized the attacker’s toolkit. 82.6% of phishing emails now contain AI-generated elements, deepfakes are involved in 30%+ of high-impact impersonation attacks, and organized crime groups deploy AI for voice cloning, synthetic identity fraud, and automated malware distribution.
What was the Indonesia PDN attack?
Indonesia’s National Data Centre was hit by a Brain Cipher LockBit 3.0 ransomware attack in June 2024, paralyzing immigration services and government operations for weeks. Only 86 of 282 services were restored weeks after the attack, exposing a region-wide governance failure.
How does the INTERPOL cyber threat report affect the Philippines?
The Philippines is an INTERPOL member country directly affected by regional trends. The report identifies that the Philippines delegates cybersecurity across multiple uncoordinated bodies — a structural gap that attackers exploit, compared to countries with dedicated national cyber agencies.
What is the ASEAN cybersecurity preparedness gap?
According to US-ASEAN Business Council, Brunei, Indonesia, Malaysia, Singapore, Thailand, and Vietnam have dedicated national cybersecurity agencies, while Cambodia, Myanmar, and the Philippines delegate cybersecurity across multiple uncoordinated bodies — a structural gap attackers exploit.
How much money is stolen by Southeast Asian cybercriminals?
According to the National Bureau of Asian Research (NBR), malicious actors operating from Southeast Asia are estimated to have stolen approximately $64 billion worldwide.
How can the Philippines improve its cybersecurity based on INTERPOL findings?
The Philippines should establish a dedicated national cybersecurity agency, implement mandatory data backup protocols, create and test incident response playbooks, strengthen cross-sector coordination, and invest in AI-powered threat detection to match AI-powered attacks.
This article is based on INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, NBR cyberattack statistics, UNODC AI crime documentation, The Cyber Express phishing data, US-ASEAN Business Council preparedness assessment, and VentureSEA government cybersecurity analysis. Report findings are as published by INTERPOL.







