Cybercrime Surge in Asia-Pacific as AI Creates New Vulnerabilities - S-RM and FGS Global Report

Cybersecurity experts from S-RM and FGS Global warn that ransomware attacks across Asia-Pacific are accelerating rapidly as AI adoption, tighter regulations, and more sophisticated cybercriminal tactics reshape the regional threat landscape. Drawing from over 800 global incidents handled by S-RM in 2025, the report reveals that more than 770 organisations in Asia-Pacific were named on ransomware leak sites last year, marking a 59% year-on-year increase, while East and Southeast Asia recorded a staggering 71% surge — the fastest growth rate globally.

• Regional Surge: A new report by S-RM and FGS Global reveals that ransomware attacks in Asia-Pacific surged by 59% in 2025, with East and Southeast Asia recording the highest increase globally at 71%, highlighting the region’s growing exposure to increasingly sophisticated cyber threats.
• AI Risks: While businesses continue embracing AI to improve efficiency and productivity, cybercriminals are also leveraging AI to accelerate attacks, create more personalised extortion tactics, and exploit new vulnerabilities introduced by AI-powered systems and agents.
• Growing Pressure: Experts warn that ransomware incidents today no longer involve just technical disruption, as attackers are now weaponising stricter data privacy regulations and even media exposure to intensify pressure on organisations during cyberattack negotiations and crisis response efforts.

Businesses across Asia-Pacific are facing a rapidly intensifying cyber threat environment as ransomware attacks continue to rise at an alarming pace. According to a newly released Cyber Incident Insights Report 2026 by S-RM and FGS Global, the region has become one of the world’s fastest-growing targets for cybercriminal groups, driven by rapid digitalisation, expanding online infrastructure, and the increasing adoption of AI technologies.

The report draws insights from over 800 incidents responded to globally by S-RM in 2025 and paints a concerning picture for businesses operating in Asia-Pacific. More than 770 organisations across the region were named on ransomware leak sites last year, representing a 59% year-on-year increase. Even more striking, East and Southeast Asia recorded a 71% increase, making it the fastest-growing region globally for ransomware activity.

The 2026 Cyber Incident Insights Report by S-RM and FGS Global explores the rapidly evolving global cybersecurity landscape, highlighting how ransomware, AI-driven threats, and increasingly sophisticated cybercriminal operations are reshaping digital risk across industries and regions worldwide.

Financial services emerged as the hardest-hit sector in Asia-Pacific, accounting for 20% of all incidents in the region. Meanwhile, ransomware itself represented 64% of all cyber incidents S-RM responded to in Asia-Pacific, significantly higher than the global average of 45%.

Why Asia-Pacific Is Becoming a Prime Target

The report explains that Asia-Pacific’s rapid economic and digital growth has significantly expanded the attack surface available to cybercriminals. Businesses of all sizes are increasingly relying on cloud infrastructure, digital platforms, and interconnected systems, giving threat actors more opportunities to exploit weaknesses.

Small and medium enterprises are particularly vulnerable due to limited cybersecurity maturity and resources, while larger corporations face mounting pressure from regulators, stakeholders, and customers whenever cyber incidents occur.

Adding to the challenge is the emergence of several new ransomware groups that appear to be strategically targeting Asia-Pacific. Threat groups including NightSpire, Dire Wolf, Gentlemen, and Crypto24 reportedly directed between 31% and 50% of their attacks toward organisations in the region. Qilin, identified as the world’s most prolific ransomware group last year, was also named the most active group targeting Asia-based organisations.

New ransomware groups are rapidly emerging across Asia, with threat actors like NightSpire, Dire Wolf, and Gentlemen already targeting dozens of victims across the region in 2025. The data highlights how Asia continues to face growing exposure to sophisticated cybercriminal operations, with some groups recording as much as 50% of their known victims within Asian markets.

Lester Lim, Regional Head, APAC, Cyber Security at S-RM, explained the growing complexity businesses now face in the region.

“Asia Pacific’s economic success has made the region an attractive target for cyber criminals. Corporates face a perfect storm of increased regulation, greater stakeholder demands in the event of a cyber-attack and a more fragmented threat actor landscape attracting criminals of escalating sophistication.”

He also stressed the importance of preparedness and resilience.

“While protection and mitigation become more difficult for businesses than ever before, there are some practical precautions that companies can take to secure themselves, and ensure that should they become victims of a cyber-attack they are able to respond and recover faster.”

AI Is Reshaping the Cybersecurity Battlefield

Artificial intelligence is playing a major role in the evolution of cyber threats across the region. According to the report, threat actors are increasingly using AI to accelerate attacks, craft highly personalised extortion campaigns, and identify the most damaging corporate information to exploit.

At the same time, organisations rapidly adopting AI agents and automation tools may unintentionally be introducing new vulnerabilities into their systems. This creates a dangerous situation where businesses are racing toward AI-powered productivity while cybercriminals move just as quickly to exploit weaknesses.

Kyle Schwaeble, Head of Incident Response, APAC at S-RM, highlighted how AI is dramatically shortening the timeline of cyberattacks.

“As organisations rapidly adopt AI to drive economic efficiency, they are inadvertently handing a powerful toolkit to adversaries who are now moving from intrusion to extortion in hours rather than weeks.”

He added that businesses can no longer rely on traditional security approaches alone.

“For APAC businesses, particularly in highly targeted sectors like financial services, the message is clear: AI-enabled productivity must not come at the expense of risk management.”

Cyberattacks Are Becoming Reputation Crises Too

One of the report's most alarming findings is how ransomware incidents are evolving beyond technical

disruptions into full-scale reputational and regulatory crises — forcing companies to rethink

what "recovery" really means.

Ben Richardson, Partner and Head of Asia at FGS Global, explained why technical remediation alone is no longer enough:

"For APAC boards, ransomware is now a multi-dimensional crisis that can simultaneously cripple operations, trigger harsh regulatory penalties under the region's tightening privacy laws, and permanently erode stakeholder trust. All of these represent significant reputational harm to a business, meaning that companies not only have to contend with the technical recovery following a cyberattack, but also a reputational rebuild."

That shift in the threat landscape is being driven, in part, by attackers themselves. Till Valentin Staschik, Associate Director at FGS Global, cautioned that cybercriminals are growing far more strategic — exploiting not just technical vulnerabilities, but regulatory frameworks and the media cycle itself:

"Threat actors are increasingly using stricter privacy and data-breach regulations across Asia as

a lever, threatening exposure specifically to trigger regulatory penalties and increase pressure

during negotiations. Criminals are also weaponising the media by briefing reporters, and now

scrutinise company statements in real-time, exposing any attempts to downplay an attack."

About S-RM

S-RM is a cyber security and corporate intelligence consultancy. The firm provides intelligence, resilience and response solutions to organisations worldwide. Founded in 2005, S-RM has 400+ experts across nine international offices, serving clients across all regions and major sectors.

About FGS Global

FGS Global is the world’s leading stakeholder strategy firm, with over 1,500 professionals across 31 offices worldwide. The company advises clients on integrated strategies that help build and protect reputation, activate stakeholders, and achieve critical business outcomes in today’s increasingly complex environment.