Southeast Asia: cyberattack victim or aggressor?


By Carolina de la Puente Ilieva

The Southeast Asian region is experiencing one of the fastest digital transformations in the world, but at what cost?

According to the e-Conomy SEA 2024 report by Google, Temasek and Bain & Company [1], the region’s digital economy Gross Merchandise Value (GMV) is projected to reach $302 billion by 2025 [1]. From the explosion of e-commerce and fintech to its mobile-first economies, the region is estimated to accommodate over 400 million users [1]. By all accounts, the industry seems to be booming, but this growth comes with a critical challenge: a drastic rise in cybercrime, and a potential transition from being a victim to being a launchpad for cyberattacks [2].

In 2024, malicious cyberattacks doubled from the previous year, with Vietnam, Thailand, Singapore, Indonesia, the Philippines and Malaysia being the most affected countries. The most targeted sectors were within the financial, manufacturing and governmental spheres [3]. Simultaneously, a new online cybercrime tool has been gaining popularity: “Scam-as-a-Service” (SaaS). As amusing as this straightforward name might sound – originating from SaaS’s “Software as a Service” – it is nonetheless a real threat, offering criminals the possibility to create and run wide-ranging scams including phishing campaigns, in which attackers send fraudulent emails or text messages containing links to malicious websites [4]. They may target specific individuals through Business Email Compromise (BEC) or “whaling” scams [5], where highly influential people are referred to as ‘big fish’. In such attacks, hackers target C-level executives (CEOs, CFOs, and other senior leaders) who hold broad authority and access to highly confidential information [6].

But why are these specific countries the new cyberattack battleground?

For starters, the region has a wide variation in laws, as highlighted in the ASEAN Cybersecurity Cooperation Paper, which allows actors to operate from “soft” jurisdictions while targeting “harder” ones from abroad [7]. Secondly, Southeast Asia (SEA) has great global connectivity, with one of the biggest finance hubs in the world, Singapore, and manufacturing centers such as Vietnam and Malaysia. Being in the same region as these large-scale hotspots makes launching cyberattacks from there to the global scene more efficient [5]. These connected networks are exploited for laundering funds and staging supply chain attacks. Lastly, Interpol warns of state-linked espionage groups operating in the area – using SEA, once again, as a base and proxy to obscure their origins [5].

Some local examples of cyberattack epicenters are the Philippines, where banks have traced attacks back to local hacker collectives [8], and Singapore (with a 96% internet penetration rate [9]), where money laundering has been found tied to cybercrime as a result of abuse of its financial ecosystem [10]. According to IBM’s 2024 Cost of a Data Breach Report, the global average cost of a data breach has reached $4.9 million, a significant increase from the previous year [9] [18]. Furthermore, specific industries are targeted, such as healthcare, where hospitals have reported being hit by ransomware groups [11]. For example, in June 2024 in Hanoi, Vietnam, hackers advertised for sale the details of 112,000 patient and medical staff records from Hong Ngoc General Hospital [12]. Critical infrastructure, such as power and telecommunications systems, has also been targeted, as discussed in the 2025 Positive Technologies report [3]. The industrial sector has reportedly lost SGD5.62 million ($4.34 million) [9].

Although direct financial losses are not the most common consequence of cyberattacks on organisations in Southeast Asia, the monetary impact of attacks remains significant. For instance, online fraud in Brunei alone resulted in more than $1.7 million in damages in 2023. By July 2023, economic losses from data breaches in the ASEAN region had exceeded $3 million, up from $2.87 million in 2022. Singapore lost over $385.6 million to cyberscams in H1 2024 [9]. 

Lastly, a particularly complex dimension of cybersecurity emerges in the context of small and medium-sized enterprises (SMEs). It is estimated that more than 98% of companies in the SEA region are SMEs, with most of them unable to afford advanced cybersecurity protection. Thus, hackers have found a way to use them as “stepping stones” to create a web of attacks. In other words, a cybercriminal might break into an SME’s computer, install malware and link the device to a network of hijacked computers. This in turn would allow the perpetrators to launch larger attacks, send spam on a larger scale, and most importantly, hide their real location, which makes tracking the origin of the attack nearly impossible. Just like any other internet-linked device, these company computers are not restricted by borders, allowing the scheme to operate internationally with ease [7].

Earlier in 2025, an SME retail company in Singapore fell victim to a ransomware attack after an employee unknowingly clicked on a malicious email attachment. The attackers encrypted the company’s customer database and demanded a ransom in cryptocurrency. The immediate ransom demand was around SGD50,000 ($38,000), a significant but manageable sum for this SME. The direct monetary costs – including revenue loss from one week of downtime (SGD120,000), a PDPA (Personal Data Protection Act) compliance fine (SGD75,000), and recovery expenses such as system upgrades and staff training (SGD100,000) – amount to a total of SGD295,000 (approximately $227,000) [13]. Furthermore, this leads to scepticism from clients towards the company and the information communicated to them, as well as internal instability within the organisation – both between management and staff and among employees themselves. The total damage from such a cyberattack can cripple a business for years to come [13].

The World Economic Forum (WEF) warns that SEA’s cybercrime landscape undermines not only local trust in information networks but also international supply chains [14]. But this is not only acknowledged on the global scene. Local governments are aware of the reputation and security risks, as seen in the ASEAN report, which emphasises the need to shut down criminal activities and hubs [7]. For these reasons, organisations such as the ASEAN Foundation-Microsoft Skilling Programme are emerging not only for defence purposes, but also as an alternative for young people living in economies where “cybercrime-to-hire” has become an attractive option [5] [15]. As highlighted by Interpol’s report, the growing accessibility of underground markets and financial incentives has made cybercrime a viable livelihood path for digitally skilled but economically vulnerable youth [5].

“The integration of generative artificial intelligence by transnational criminal groups involved in cyber-enabled fraud is a complex and alarming trend observed in Southeast Asia, and one that represents a powerful force multiplier for criminal activities,” said John Wojcik, UNODC (United Nations Office on Drugs and Crime) Regional Analyst [16]. The UN report continues by warning that the use of AI has not only expanded the scope and efficiency of cyber-enabled fraud and cybercrime, but has also lowered the barriers to entry for criminal networks that previously lacked the technical skills to exploit more sophisticated and profitable methods [16].

To conclude, Southeast Asia has become much more than a victim of cybercrime – it is becoming the aggressor’s hub for cyberattacks. Criminal groups exploit the region’s rapid digital growth, jurisdictional loopholes and economic diversity to organise crimes that go beyond their borders. With the potential to cause severe and lasting harm – costing over $37 billion in 2023 alone [17] – to both local and global populations, especially with the rise of AI [16], inaction is not an option. The solution lies in strengthening and harmonising laws, enforcing them firmly, and building regional capacity to dismantle these well-established criminal networks.

Edited by Maxime Pierre.

References

[1] Google. (2024). E-Conomy SEA 2024 Report. Retrieved September 18, 2025, from e-Conomy SEA 2024

[2] CloudSEK Information Security Pvt. Ltd. (2024). CloudSEK’s 2024 South-East Asian Threat Landscape Analysis. Retrieved September 18, 2025, from Annual Threat Landscape Report 2024 – South East Asia

[3] Positive Technologies. (2025, March 20). Cyberattacks on Southeast Asia doubled in 2024. News and Events. Retrieved September 18, 2025, from https://www.ptsecurity.com

[4] National Cyber Security Centre (NCSC). (n.d.). Phishing guidance. Retrieved September 18, 2025, from Phishing attacks: defending your organisation – NCSC.GOV.UK

[5] Interpol. (2024, April). Asia and South Pacific Cyberthreat Assessment Report 2024. Interpol. Retrieved September 18, 2025, from Asia and South Pacific Cyberthreat Assessment Report 2024-4.pdf

[6] Myra Security. (n.d.). Whaling. Retrieved September 18, 2025, from Whaling: definition, functioning and examples | Myra

[7] Association of Southeast Asian Nations (ASEAN). (2021). ASEAN Cybersecurity Cooperation Strategy 2021–2025. Retrieved September 19, 2025, from ASEAN-Cybersecurity-Cooperation-Paper

[8] Cyfirma. (2023). The changing cyber threat landscape: Southeast Asia. Retrieved September 19, 2025, from THE CHANGING CYBER THREAT LANDSCAPE SOUTHEAST ASIA – CYFIRMA

[9] Positive Technologies. (n.d.). Cybersecurity threatscape in Southeast Asia. Retrieved September 19, 2025, from Cybersecurity threatscape in Southeast Asia

[10] Cyber Security Agency of Singapore (CSA). (n.d.). Cybersecurity initiatives. Retrieved September 19, 2025, from Cyber Security Agency of Singapore

[11] Healthcare Asia. (2024). APAC’s healthcare security in crisis over rising cyberattacks: Report. Healthcare Asia Magazine. Retrieved September 19, 2025, from APAC’s healthcare security in crisis over rising cyberattacks: report

[12] Reuters. (2024). Major hospitals hit by cyberattacks, patient data sold on hacker forums. Retrieved September 19, 2025, from Major hospitals hit by cyberattacks, patient data sold on hacker forums

[13] Security Exceptions. (n.d.). The true cost of a cyberattack for SMEs in Singapore and Malaysia. Retrieved September 19, 2025, from The True Cost of a Cyber Attack on SMEs: Case Studies from Singapore and Malaysia – Security Risk and Exception Manager

[14] World Economic Forum. (2024, October). Southeast Asia is tackling cyberattacks on the underbanked. World Economic Forum Stories. Retrieved September 19, 2025, from Southeast Asia is tackling cyberattacks on the underbanked | World Economic Forum

[15] ASEAN Foundation. (2024). ASEAN Cybersecurity Skilling Programme. Retrieved September 19, 2025, from ASEAN Cybersecurity Skilling Programme.

[16] United Nations Office on Drugs and Crime (UNODC). (2024, October). The cyberfraud industry expands in Southeast Asia. Retrieved September 19, 2025, from Billion-dollar cyberfraud industry expands in Southeast Asia as criminals adopt new technologies

[17] Coker, J. (2024). Cyber fraud cost up to $37 billion in Southeast Asia last year. Infosecurity Magazine. Retrieved October 27, 2025, from Cyber Fraud Cost up to $37bn in Southeast Asia Last Year – Infosecurity Magazine

[18] Bonderud, D. (2024, March 20). Cost of a data breach 2024: Financial industry. IBM. https://www.ibm.com/think/insights/cost-of-a-data-breach-2024-financial-industry

Cover image: Miroshnichenko, T. (n.d.). Close-up view of system hacking [Photograph]. Pexels. Close-Up View of System Hacking · Free Stock Photo
