Why is the Asia Pacific region a target for cybercrime - and what can be done about it?

Jun 12, 2023

Cybercrime knows no borders, and it is crucial for APAC countries to collaborate with international partners in combating cyber threats. Image: Freepik.com

Vivek Gullapalli

Field CISO APAC, Check Point Software Technologies

Our Impact

What's the World Economic Forum doing to accelerate action on Forum Institutional?

The Big Picture

Explore and monitor how Cybersecurity is affecting economies, industries and global issues

A hand holding a looking glass by a lake

Crowdsource Innovation

Get involved with our crowdsourced digital platform to deliver impact at scale

Stay up to date:

Cybersecurity

This article is part of: Annual Meeting of the New Champions

Listen to the article

The average annual cost of cybercrime is expected to increase from $8.4 trillion in 2022 to more than $23 trillion in 2027.
The Asia Pacific (APAC) region is experiencing a huge increase in cyberattacks compared to its global counterparts.
We outline why APAC is being targeted and what can be done to prevent cybercrime.

The pace at which the cyber threat landscape is evolving with the democratization of malicious software, the mobilization and organization of cybercriminal groups, geopolitical conflicts, and economic uncertainty have all combined to create the perfect environment for threat actors to flourish. According to FBI and IMF data, the average annual cost of cybercrime is expected to soar from $8.4 trillion in 2022 to more than $23 trillion in 2027.

Have you read?

Nowhere is this industry disruption more prevalent than in the Asia Pacific (APAC) region, which has emerged as the new “ground zero” for cybercrime incidents. According to a report by Check Point Research, APAC witnessed the highest year-over-year increase in weekly cyberattacks during the first quarter of 2023, averaging 1,835 attacks per organization. In contrast, the global average stood at 1,248 attacks per week. This alarming trend raises concerns about the reasons behind this shift and the measures needed to address the growing cyber threats in the region.

Cyber attacks per region. Image: Check Point Research

Why is cybercrime soaring in APAC?

The increased number of sophisticated attacks in the region gives real cause for concern, as seen in the case of the popular 3CX phone service application which was turned into a trojan as part of a supply attack. The democratization of malware is also in full swing, with recorded incidents of threat actors using ChatGPT to generate code designed to help less-skilled actors launch cyberattacks with ease.

What has triggered this increased volume and sophistication of attacks? If we consider why the region has become a hotbed for cybercrime, there are several factors at play:

Accelerated digital transformation: The APAC region has undergone rapid digital transformation, especially during and after the pandemic. Many organizations have rushed to adopt new technologies and digital platforms, often without adequately securing them, leaving vulnerabilities ripe for exploitation. This increased digitization has expanded the attack surface for cybercriminals.

A new generation of users: The TikTok and Facebook generation in APAC rely heavily on mobile devices and collaborative tools, to the point they have become desensitized to the risks associated with clicking on suspicious links or sharing sensitive information online. Their online habits make them more susceptible to social engineering attacks and phishing attempts.

The hybrid working model: The rise of the hybrid workforce, combining remote and in-office work arrangements, has created new challenges for cybersecurity teams. The shift towards remote work has increased reliance on digital communication and collaboration tools, exposing organizations to new security risks as cybercriminals exploit vulnerabilities in remote access systems and unsecured access points within the home.

The collaboration conundrum: The proliferation of collaboration platforms has introduced a new attack surface for cybercriminals. The increased usage of tools like video conferencing, cloud storage, and file-sharing platforms has become a breeding ground for potential security breaches, with threat actors targeting weak security settings, unpatched software, and unsuspecting users to gain unauthorized access to sensitive data.

Huge manufacturing demand: The APAC region, particularly countries like Taiwan, China, Vietnam and more plays a significant role in the semiconductor and manufacturing sector. The manufacturing industry's economic importance and the intellectual property it holds make it an attractive target for cyber espionage and intellectual property theft.

Discover

How is the Forum tackling global cybersecurity challenges?

The World Economic Forum's Centre for Cybersecurity at the forefront of addressing global cybersecurity challenges and making the digital world safer for everyone.

Our goal is to enable secure and resilient digital and technological advancements for both individuals and organizations. As an independent and impartial platform, the Centre brings together a diverse range of experts from public and private sectors. We focus on elevating cybersecurity as a key strategic priority and drive collaborative initiatives worldwide to respond effectively to the most pressing security threats in the digital realm.

Learn more about our impact:

Cybersecurity training: In collaboration with Salesforce, Fortinet and the Global Cyber Alliance, we are providing free training to the next generation of cybersecurity experts. To date, we have trained more than 122,000 people worldwide.
Cyber resilience: Working with more than 170 partners, our centre is playing a pivotal role in enhancing cyber resilience across multiple industries: oil and gas, electricity, manufacturing and aviation.

Want to know more about our centre’s impact or get involved? Contact us.

What can be done to prevent cybercrime?

Steps need to be taken now to prevent APAC from becoming a prolific breeding ground for cyber threat activity, including:

Higher level of public and private collaboration: Enhanced intelligence sharing among organizations, governments, and cybersecurity agencies can help prevent attacks and proactively address emerging threats. This collaborative approach can facilitate the timely dissemination of threat intelligence, enabling organizations to strengthen their defenses.

Establish national task forces – Following the examples of countries like Singapore, creating dedicated task forces focused on cybersecurity can help coordinate efforts, share best practices, and develop comprehensive strategies to combat cybercrime effectively.

Greater awareness and education: Governments, banks, and businesses should invest in awareness campaigns to educate the public and employees about the risks of cybercrime; in Singapore with their “Better Cyber Safe than Sorry” campaign with private e-commerce retailers like Shopee and supermarket chain, NTUC Fairprice, continuing with instructional videos, national television advertisements and posters at most bus stops. By promoting cybersecurity awareness and providing guidance on recognizing and responding to potential threats, individuals can become more vigilant and better equipped to protect themselves and their organizations.

Improved national regulations: APAC countries should consider implementing robust and standardized cybersecurity regulations to ensure consistent protection. Learning from successful examples such as Australia and Singapore, these regulations can set minimum security standards, encourage regular assessments, and establish penalties for non-compliance. By creating a regulatory framework that emphasizes cybersecurity, APAC countries can encourage organizations to prioritize security measures and adopt best practices.

Strengthen cybersecurity leadership: Organizations in APAC should focus on improving their cybersecurity leadership and governance structures by appointing qualified professionals with expertise in cybersecurity to executive positions and boards of directors. By prioritizing cybersecurity at the highest levels of decision-making, organizations can foster a culture of accountability and ensure that security measures are given due importance. Organizations need this right level of CISO leadership with empowerment and a strong mandate to drive “intelligence led prevention first cybersecurity approach” to combat the new frontier of cyber battlefields.

Collaboration with international partners: Cybercrime knows no borders, and it is crucial for APAC countries to collaborate with international partners in combating cyber threats. By sharing information, resources, and expertise, countries can collectively strengthen their defenses and mitigate the risks posed by cybercriminals who may operate from different jurisdictions.

Continuous investment in cybersecurity: APAC organizations must allocate adequate resources to cybersecurity initiatives. This includes investing in robust security solutions, regularly updating and patching systems, and conducting comprehensive security audits to stay ahead of evolving threats and reduce their vulnerability to attacks.

It is important to recognize that shifting APAC from being the most heavily attacked region requires a multifaceted approach involving collaboration, awareness, regulation, and continuous improvement from multiple parties. By implementing these measures and fostering a cybersecurity-conscious culture, APAC can enhance its resilience against cybercriminals and protect its digital infrastructure, businesses, and individuals from the ever-growing threat landscape and mitigate the risks to secure its position as a future leader in the digital age.

Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.