Cyber security threats are spread through the web
Web-based threats, including hacked websites, malicious downloads and other online attack methods, can lead to unauthorized system access and leakage of sensitive data. Attacks of this kind were recorded throughout Southeast Asia over the past year, with more than 18 million cases detected and prevented by Kaspersky.
Vietnam recorded the highest number of cyberattacks against businesses in the region, with 8,437,695 detections, followed by Malaysia with 3,361,453 incidents and Indonesia with 3,014,870 incidents.
Organizations in Thailand and Singapore also faced more than 1 million web-based cyberattacks in 2025.
Mr. Adrian Hia, CEO of Kaspersky Asia-Pacific region, commented: "In terms of quantity, web-based threats targeting business users in Southeast Asia that we detect and prevent tend to decrease.
However, we note a sudden increase in this type of threat in Singapore and Vietnam. These two countries have one thing in common: in recent years, security policies and cybersecurity compliance habits in business operations have been significantly improved. This means that more and more organizations are proactively strengthening their defense systems against cyberattacks."
The figures on the number of malware detections reflect the widespread penetration of online activities into economic and social life in the region. According to the World Economic Forum, the digital economy in Southeast Asia is currently valued at about 300 billion USD and is expected to reach the threshold of 1 trillion USD by 2030.
Protecting businesses in an always-connected environment
To minimize the risk of threats via the web, cybersecurity experts recommend that businesses and organizations implement the following measures:
- Regularly update operating systems, browsers and applications to reduce the risk of exploitation through security vulnerabilities.
- Use strong, unique passwords for online services and remote access tools; enable two-factor authentication (2FA) whenever possible to minimize damage if login information is compromised.
- Strengthen existing security controls with modern, reputable solutions that can detect threats and are backed by expert monitoring and global threat intelligence.
- Analyze security incidents comprehensively and in detail through verified services that cover the entire incident investigation and handling process: from initial containment and evidence collection, through identifying the main attack method, to building an effective mitigation plan.
- Align internal processes and technologies with the constantly changing threat landscape, using support services to build an internal Security Operations Center (SOC) from the beginning, assess the maturity of existing SOCs, and improve specific capabilities such as incident detection and response processes.
- Use centralized and automated solutions to comprehensively protect organizational assets. By aggregating and correlating data from many different sources in one place and applying machine learning, such solutions provide effective threat detection and rapid automated response capabilities.
