Organisations in Southeast Asia (SEA) continue to experience a persistent volume of cyber threats delivered through the web, with Kaspersky detecting and blocking more than 18 million malicious attack detections across the region in 2025.
| Country | 2025 |
| Indonesia | 3,014,870 |
| Malaysia | 3,361,453 |
| Philippines | 621,984 |
| Singapore | 1,371,435 |
| Thailand | 1,207,725 |
| Vietnam | 8,437,695 |
| SEA | 18,015,162 |
Kaspersky’s web threats detections on businesses in SEA
These web-based threats, including compromised websites, malicious downloads and other online attack vectors that can lead to unauthorised system access and data exposure, were observed across SEA throughout last year.
Businesses in Vietnam registered the highest volume of web-based threats in the region with 8,437,695 detections, followed by Malaysia with 3,361,453 incidents and Indonesia with 3,014,870 incidents.
Organisations in Thailand and Singapore also faced more than 1 million web-based cyberattacks in 2025.
“While the number of web threats we detected and blocked against business users in SEA are quantitatively on a decline, we observe a surge of this type of threat targeting organisations in Singapore and in Vietnam. These two countries have one thing in common. Through the years, policies and behaviours towards cybersecurity in the enterprise environment are on the rise, which means more and more organisations are building up their defences against cyberattacks,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
These levels of detection reflect the breadth of online participation across economic and social activities in the region. According to the World Economic Forum, the SEA digital economy is currently valued at around US$300 billion and is projected to reach US$1 trillion by 2030.
“In our current volatile market, enterprises in the region are rightfully prioritising spending on technologies that will increase their profit and productivity. A recent research even highlighted that technology spending in the Asia Pacific is set to increase by 9.8% in 2026. As attacks on enterprise environments continue to evolve in quantity and complexity, I am confident that cybersecurity solutions and services will be among the key technological investments that will be prioritised here this year and beyond,” Hia adds.
What are web threats?
Internet-based threats expose people and computer systems to harm online.
Web threats are not limited to online activity but ultimately involve the internet at some stage for inflicted harm. While not all web threats are created deliberately, many are intended — or have the potential — to cause:
- Access denial. Prevention of entry to a computer and/or network services.
- Access acquisition. Unauthorised or unwanted entry into a private computer and/or network services.
- Unauthorised or unwanted use of computer and/or network services.
- Exposing private data without permission, such as photos, account credentials, and sensitive government information.
- Unauthorised or undesired changes to a computer and/or network services.
In recent years, the landscape of web threats has grown significantly. Technologies like smart devices and high-speed mobile networks have allowed for an always-connected vector of malware, fraud, and other complications. Also, web adoption in areas like communications and productivity via the Internet of Things (IoT) has outpaced user security awareness.
Staying Protected in an Always Connected Environment
To reduce exposure to web-based threats, Kaspersky encourages organisations to:
- Keep operating systems, browsers and applications up to date to reduce exposure to vulnerabilities.
- Use strong, unique passwords for online services as well as remote access tools, and enable two-factor authentication (2FA) whenever possible to limit the impact of compromised credentials.
- Augment your existing security controls with human-led detection and global threat intelligence through solutions like Kaspersky Managed Detection and Response (MDR), an expert-led service offering 24/7 monitoring, detection, investigation and rapid response to sophisticated cyberattacks.
- Receive comprehensive and detailed analysis of security incidents with Kaspersky Incident Response. This service covers the entire investigation and response process, including initial containment, evidence collection, identification of the primary attack vector and development of an effective mitigation plan.
- Align your internal processes and technologies with today’s evolving threat landscape through Kaspersky SOC Consulting. This service helps you build an in-house SOC from scratch, assess the maturity of an existing SOC or enhance specific capabilities such as detection and response procedures.
- Use centralised and automated solutions such as Kaspersky Next XDR Expert to enable comprehensive protection of all your assets. By aggregating and correlating data from multiple sources in one place and using machine-learning technologies, this solution provides effective threat detection and fast automated response.
Learn more at www.kaspersky.com.