Dec 2025
by Lim May-Ann
2025 saw governments, financial institutions, telecom operators, and critical infrastructure providers facing escalating threats from ransomware groups, state-linked hackers, and AI-powered cybercriminals. At the same time, we also saw the public sector and regulators accelerating cyber resilience mandates, while enterprises continued their push towards modernising cyber defence systems.
One word which could characterise the Asia Pacific cybersecurity landscape in 2025 is “convergence”. We see examples how cybercrime – and the psychology of scams and social engineering, geopolitics, artificial intelligence, and critical infrastructure protection are no longer separate conversations. They now form a single strategic cybersecurity concern for every economy in the region.
Here are the top cybersecurity developments that most shaped Asia Pacific in 2025.
- AI-Powered Cyberattacks Became Mainstream
Artificial intelligence dramatically changed the threat landscape in 2025. We saw an accelerated cat-and-mouse game where cybercriminal groups increasingly used generative AI tools to automate phishing campaigns, develop malware variants, and improve ransomware operations. Security researchers warned that AI-enabled attacks were becoming faster, cheaper, and more scalable than ever before.
CrowdStrike’s 2025 APJ eCrime Landscape Report highlighted how AI accelerated ransomware activity across Asia Pacific and Japan, especially among organized cybercrime ecosystems operating in Chinese-language underground marketplaces.
- Singapore Faced Major Critical Infrastructure Threats
Singapore emerged as one of the region’s most closely watched cybersecurity battlegrounds in 2025. Authorities publicly identified the advanced threat actor UNC3886 as a serious national security risk after attacks targeted critical information infrastructure and telecommunications networks.
The incident underscored how small but digitally advanced nations are increasingly exposed to sophisticated cyber espionage campaigns, and how governments are balancing the need for new and information transparency, with the need to keep confidentiality of ongoing investigations.
- Ransomware Exploded Across Asia Pacific
Ransomware activity surged throughout the region. Analysts reported a 59% increase in ransomware attacks across Asia Pacific in 2025, with East and Southeast Asia experiencing the fastest growth globally.
Financial services, manufacturing, and technology firms were among the hardest-hit sectors. The rise of “ransomware-as-a-service” lowered barriers to entry for criminals and enabled highly coordinated extortion campaigns.
- APAC Data Breaches Reached Record Levels
The 2025 Verizon Data Breach Investigations Report revealed that system intrusions accounted for 80% of breaches in Asia Pacific, more than double the previous year’s figure. Malware-related incidents and ransomware attacks also increased sharply.
This trend highlighted a growing gap between digital transformation and cyber resilience across the region.
- Financial Institutions Became Prime Targets
Financial institutions and interconnected service providers became prime cyber targets in 2025. Australia’s MediSecure ransomware breach demonstrated how attacks on third-party digital ecosystems can expose sensitive consumer and financial-related data at massive scale. The incident intensified concerns across APAC regarding supply chain vulnerabilities, identity fraud, and critical infrastructure resilience.
The breach reinforced concerns that third-party vendor ecosystems remain a major vulnerability for the financial sector.
- Telecom Operators Came Under State-Linked Attack
Telecommunications providers across Asia Pacific became increasingly attractive targets for state-linked cyber actors in 2025. South Korea reported heightened espionage activity targeting telecom infrastructure and digital service providers, reinforcing concerns that communications networks are now central battlegrounds in geopolitical cyber competition.
The attacks mirrored a broader global trend in which telecom infrastructure increasingly became part of geopolitical cyber competition.
- Supply Chain Cybersecurity Became a Boardroom Issue
Cybersecurity leaders across Asia Pacific spent much of 2025 grappling with third-party and supply chain risks. Attackers increasingly targeted managed service providers, cloud vendors, and outsourced IT ecosystems to gain indirect access to larger organizations.
As organizations expanded digital partnerships, supply chain resilience became a strategic imperative rather than merely a technical concern.
- Japan Experienced High-Profile Industrial Cyberattacks
Japan’s manufacturing and industrial sectors faced mounting cyber pressure in 2025. One notable case involved beverage giant Asahi Group, where ransomware attacks disrupted brewery production systems and allegedly exposed sensitive company data. This is a clear sign that industrial operational technology (OT) environments are now firmly in attackers’ crosshairs, and we must heighten the protection of OT infrastructures.
Conclusions and Looking into 2026
Asia Pacific’s cybersecurity story in 2025 was ultimately about adaptation. Organizations can no longer treat cyber resilience as an IT function alone. It is now a core pillar of economic competitiveness, national security, and public trust.
The defining challenge for 2026 will not simply be preventing attacks. It will be building resilient digital ecosystems capable of operating securely in an age of constant cyber disruption and ever-sophisticated bad actors enabled by AI.