A new global threat assessment from Check Point Exposure Management Research indicates that financial institutions across the Asia-Pacific (APAC) region are facing an increasingly aggressive and geopolitically influenced cyber threat environment. The report highlights a sharp global rise in cyberattacks on the financial sector, with incidents increasing from 864 in 2024 to 1,858 in 2025.
APAC has emerged as one of the most strategically targeted regions, with sustained attack activity observed across India, Indonesia, Japan, South Korea, Malaysia and the wider Southeast Asian market. Threats span data breaches, distributed denial-of-service (DDoS) attacks, ransomware, website defacement, mobile banking Trojans and emerging AI-driven fraud schemes.
Key APAC findings
- Data breaches and leaks: India ranked second globally with 31 reported incidents, followed by Indonesia in third place with 24.
- Ransomware: South Korea was the second most targeted country worldwide, recording 31 incidents. Japan reported nine incidents, while India and Malaysia recorded 10 each.
- DDoS attacks: India experienced 31 DDoS attacks, with attackers increasingly targeting digital banking platforms and government-linked financial ecosystems.
- Website defacement: India recorded 36 incidents, ranking second globally after the United States. Indonesia (eight incidents) and Japan (three incidents) also saw continued opportunistic activity.
APAC becomes a high-velocity cybercrime hotspot
According to the report, regions with large digital populations and rapidly expanding mobile-first fintech ecosystems, including India, Indonesia and Southeast Asia, are disproportionately exposed to credential theft, mobile malware and AI-enabled scam operations.
Mobile banking trojans, including variants such as Herodotus, were observed targeting users across Japan, South Korea, India and Indonesia. At the same time, AI-driven investment scams and large-scale phishing-as-a-service campaigns expanded rapidly across multilingual APAC markets.
The convergence of hacktivism (DDoS and defacement), financially motivated ransomware operations, and increasingly industrialised phishing infrastructure suggests that financial institutions in the region are being targeted from multiple threat vectors simultaneously.
Strengthening defence strategies
The report emphasises the need for financial institutions to strengthen identity governance, enhance mobile banking security, and improve fraud detection capabilities. It also highlights the importance of adopting exposure management approaches that unify threat intelligence, attack surface visibility, exploitability context and safe, automated remediation.
Commenting on the findings, Shir Atzil, Cyber Threat Intelligence Analyst at Check Point Exposure Management Research, said:
“APAC’s rapid digital expansion has positioned the region at the intersection of hacktivism, financial cybercrime and emerging AI-driven fraud. Markets such as India, Indonesia, South Korea and Southeast Asia are now key testing grounds for high-volume, high-velocity attacks. Financial institutions must adopt intelligence-led security strategies that address mobile threats, identity abuse and cross-border attack campaigns before they scale further.”