Kaspersky detected and blocked more than 18 million web-based threats targeting businesses across Southeast Asia in 2025, with Vietnam, Malaysia, and Indonesia accounting for the bulk of incidents, according to new data released by the cybersecurity firm.

The figures underscore the persistent scale of online attack vectors — including compromised websites, malicious downloads, and other internet-borne threats — that continue to expose enterprises across the region to unauthorised system access and data loss.

Vietnam leads regional threat volume

Vietnam recorded the highest number of web threat detections in the region at 8,437,695, followed by Malaysia at 3,361,453 and Indonesia at 3,014,870. Singapore logged 1,371,435 detections, while Thailand recorded 1,207,725. The Philippines saw the lowest volume at 621,984.

Despite the overall regional decline in detection volumes, Kaspersky noted that Singapore and Vietnam bucked the trend, with both markets seeing a surge in web-based threats targeting organisations.

“While the number of web threats we detected and blocked against business users in SEA are quantitatively on a decline, we observe surge of this type of threat targeting organisations in Singapore and in Vietnam. These two countries have one thing in common. Through the years, policies and behaviours towards cybersecurity in enterprise environment are on the rise which means more and more organisations are building up their defenses against cyberattacks.” — Adrian Hia, Managing Director for Asia Pacific, Kaspersky

AI-driven spending expected to sustain cybersecurity investment

Kaspersky linked the threat landscape to the region’s rapid digital expansion. The World Economic Forum values the SEA digital economy at approximately US$300 billion, with projections to reach US$1 trillion by 2030. Technology spending across Asia Pacific is forecast to rise by 9.8% in 2026, and Kaspersky expects cybersecurity solutions to be among the key investment priorities.

To reduce exposure to web-based threats, Kaspersky recommended that enterprises maintain up-to-date operating systems and applications, enforce strong credential hygiene with two-factor authentication, and deploy managed detection and response capabilities. The firm also pointed to its Kaspersky Next XDR Expert platform as a tool for centralised threat correlation and automated response across enterprise environments.