Kaspersky’s web threat detections on businesses in SEA

These web-based threats, including compromised websites, malicious downloads, and other online attack vectors that can lead to unauthorised system access and data exposure, were observed across SEA throughout last year.

Businesses in Việt Nam registered the highest volume of web-based threats in the region, with 8,437,695 detections, followed by Malaysia with 3,361,453 incidents and Indonesia with 3,014,870 incidents. Organisations in Thailand and Singapore also faced more than 1 million web-based cyberattacks in 2025.

“While the number of web threats we detected and blocked against business users in SEA is quantitatively declining, we observe a surge in this type of threat targeting organisations in Singapore and Việt Nam. These two countries have one thing in common: over the years, policies and behaviours towards cybersecurity in enterprise environments have improved, meaning more organisations are strengthening their defences against cyberattacks,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.

These levels of detection reflect the breadth of online participation across economic and social activities in the region. According to the World Economic Forum, SEA’s digital economy is currently valued at around US$300 billion and is projected to reach US$1 trillion by 2030.

“In the current volatile market, enterprises in the region are rightly prioritising spending on technologies that will increase profit and productivity. Recent research highlights that technology spending in Asia Pacific is set to increase by 9.8% in 2026. As attacks on enterprise environments continue to evolve in both scale and complexity, I am confident that cybersecurity solutions and services will be among the key technological investments prioritised this year and beyond,” Hia adds.

What are web threats?

Internet-based threats expose individuals and computer systems to harm online.

Web threats are not limited to online activity but ultimately involve the internet at some stage in delivering harm. While not all web threats are deliberate, many are intended — or have the potential — to cause:

• Access denial: Prevention of entry to a computer and/or network services.

• Access acquisition: Unauthorised or unwanted entry into a private computer and/or network services.

• Unauthorised or unwanted use of computer and/or network services.

• Exposure of private data without permission, such as photos, account credentials, and sensitive government information.

• Unauthorised or undesired changes to a computer and/or network services.

In recent years, the landscape of web threats has grown significantly. Technologies such as smart devices and high-speed mobile networks have enabled an always-connected environment for malware, fraud, and other risks. Additionally, web adoption in areas such as communications and productivity via the Internet of Things (IoT) has outpaced user security awareness.

Staying protected in an always-connected environment

To reduce exposure to web-based threats, Kaspersky encourages organisations to:

• Keep operating systems, browsers, and applications up to date to minimise exposure to vulnerabilities.

• Use strong, unique passwords for online services and remote access tools, and enable two-factor authentication (2FA) wherever possible to limit the impact of compromised credentials.

• Enhance existing security controls with human-led detection and global threat intelligence through solutions such as Kaspersky Managed Detection and Response (MDR), an expert-led service offering 24/7 monitoring, detection, investigation, and rapid response to sophisticated cyberattacks.

• Obtain comprehensive and detailed analysis of security incidents with Kaspersky Incident Response. This service covers the entire investigation and response process, including initial containment, evidence collection, identification of the primary attack vector, and development of an effective mitigation plan.

• Align internal processes and technologies with today’s evolving threat landscape through Kaspersky SOC Consulting. This service helps build an in-house SOC from scratch, assess the maturity of an existing SOC, or enhance specific capabilities such as detection and response procedures.

• Use centralised and automated solutions such as Kaspersky Next XDR Expert to enable comprehensive protection of all assets. By aggregating and correlating data from multiple sources in one place and using machine-learning technologies, this solution provides effective threat detection and fast automated response./.