Skip to content

Asia-Pacific cyber insurance faces 135,000 ransomware attacks

Peter Sonner
Peter Sonner
5 min
Largest insurers in Asia-Pacific increased capitalizations in Q2 2024

The INTERPOL Asia and South Pacific Cyber Threat Assessment 2025/2026 gives cyber insurers a clearer view of the threat environment now shaping underwriting across the region.

The report was produced by INTERPOL’s cybercrime desk at the INTERPOL Global Complex for Innovation in Singapore. It draws on responses from 18 member countries and intelligence from private sector partners.

That matters because the report is not a market outlook or an insurance industry forecast. It is a law enforcement intelligence product, which makes the findings especially useful for insurers underwriting cyber risk across Asia-Pacific.

The numbers will not surprise cyber incident response teams operating in the region. Yet their aggregation by INTERPOL, from a source with no commercial stake in insurance pricing, gives the data greater underwriting relevance.

INTERPOL reported more than 135,000 ransomware attacks in 2025. It also found that deepfake-related discussions on criminal forums surged 600% in five months.

Scam centre operations generated close to $40 bn annually, often using trafficked labour. DDoS attacks increased 92%, while more than 6.5 bn cyber threats were detected and mitigated across the region between January and December 2024.

More than half of surveyed member countries said cybercrime accounted for over 30% of all nationally recorded crime. That shows cyber risk has moved from specialist technology exposure into mainstream crime and economic security.

Emerging cyberthreats in Asia and the South Pacific

Cybercriminal activity across the region has intensified alongside unprecedented growth in Internet connectivity, mobile banking, cloud computing and digital financial services.

Key trends highlighted in the report include:

  • Ransomware: The region recorded over 135,000 ransomware-related attacks in 2024, affecting sectors including real estate, manufacturing and financial services.
  • DDoS Attacks: Distributed denial of service attacks surged by 92 per cent in 2024 compared to the previous year.
  • AI-Driven Crime: Discussions about deepfakes on cybercriminal forums and Telegram channels popular among Southeast Asian threat actors increased by 600 per cent from February to June 2024.
  • Phishing: 5.5 out of every 1,000 individuals in the region clicked on phishing links monthly – approximately twice the global average – with cloud applications the primary targets. 
  • Data Breaches: System intrusions accounted for approximately 80 per cent of all data breaches in 2024 with malware and ransomware present in 83 per cent and 51 per cent of cases respectively.

Between January and December 2024, more than 6.5 billion cyber threats were detected and mitigated across the Asia and South Pacific region, according to data provided by TrendAI – one of several private sector partners working with INTERPOL’s cybercrime directorate.

This is the environment in which Asia-Pacific’s cyber insurance market is expanding. Gallagher’s 2026 Cyber Insurance Market Outlook expects Asia-Pacific to record the fastest growth rate of any region in the global cyber insurance market, driven by digitalisation.

The region still accounts for a small share of global cyber premiums. North America holds about 60% to 70% of global cyber premium volume, but Asia-Pacific’s growth path is becoming much clearer.

The central question is whether premiums being written today reflect the threat environment INTERPOL has documented. Many pricing frameworks were built for an earlier risk period, before deepfake fraud, organised scam compounds, and agentic attack patterns became more visible.

  • Ransomware remains a high-volume and very high-severity threat. At-Bay’s 2025 Cyber Claims Report put the average ransomware claim at $508,000, up 16% year-on-year.
  • Online scams have very high volume and high severity. The UNODC estimate of around $40 bn in annual scam centre losses shows how cyber-enabled fraud has become a large regional criminal economy.
  • Banking trojans remain high-volume threats with moderate insurance severity. INTERPOL identified infostealer families such as LummaC2, RedLine, and Loki across Indonesia, the Philippines, Vietnam, Thailand, Malaysia, Singapore, and Australia.
  • Business email compromise carries moderate volume but high claims severity. Aon’s 2025 APAC cyber risk analysis showed social engineering claims rising 233% year-on-year, which points directly to the underwriting pressure around fraud and impersonation.
  • Deepfakes are still lower in volume but are escalating quickly. INTERPOL’s 600% increase in forum activity between February and June 2024 shows how criminal experimentation is moving toward operational use.

The protection gap remains the defining structural problem for the region. INTERPOL’s report highlights jurisdictions with weaker legislation, fragmented enforcement, and limited technical capacity as attractive bases for threat actors.

Pacific island states and less developed Southeast Asian economies function as gateways into broader regional and global networks. That creates a problem for insurers covering multinational companies with operations across multiple jurisdictions.

For underwriting, this is an aggregation problem. A compromise that enters through a low-maturity jurisdiction and spreads across a regional network does not remain local.

The deepfake incidents show why coverage design needs to change. In February 2024, a Hong Kong employee transferred $25 mn after deepfakes impersonated company executives on a video call.

In March 2025, a Singapore finance director nearly lost more than $499,000 in a similar Zoom-based attack. Both incidents occurred within the region and involved AI-generated real-time video impersonation.

Those events challenge older social engineering sublimits and business email compromise policy wording. Many forms were not written with live synthetic video impersonation in mind.

At the same time, INTERPOL’s data shows ransomware and DDoS pressure moving in the opposite direction. The ABI reported that UK cyber claims reached £197 mn in 2024, a 230% year-on-year increase.

At-Bay reported a 16% rise in average ransomware claims to $508,000. S&P Global Ratings has forecast a 15% to 20% cyber premium increase in 2026 as claims severity catches up with market pricing.

For Asia-Pacific insurers, the issue is not only price adequacy. It is also whether policy wording, accumulation models, incident response networks, and claims teams are built for the region’s specific threat structure.

Regulation is also changing market demand. Singapore, Japan, South Korea, and several Southeast Asian markets are developing cyber and data frameworks that push companies toward stronger risk transfer and better controls.

The market therefore faces two pressures at once. Demand is rising because digitalisation and regulation are increasing awareness, while claims exposure is rising because organised cybercrime has become more industrialised.

According to Beinsure analysts, INTERPOL’s report should push insurers to treat Asia-Pacific cyber as a regional accumulation class rather than a collection of local policies. Pricing needs to reflect ransomware frequency, scam economy scale, deepfake-enabled fraud, DDoS growth, and jurisdictional enforcement gaps.

The market opportunity is large, but the underwriting margin will depend on how quickly insurers update assumptions built for a quieter threat environment.

South Korea fines Coupang $409 mn after regulators found weak data controls
South Korea fines Coupang $409 mn after regulators found weak data controls
South Korea fines Coupang $409 mn after regulators found weak data controls, improper access, and non-consensual data collection
Cyera raises $600 mn at $12 bn AI security valuation
Cyera raises $600 mn at $12 bn AI security valuation
Cyera raises $600 mn to expand its AI security platform for data governance, DSPM, DLP, identity, privacy, and agentic risk control
Google sues Chinese cybercrime group over AI scams
Google sues Chinese cybercrime group over AI scams
Google says Outsider Enterprise used AI and Telegram to send 2.5 mn scam texts, create fake sites, and target Android users in the U.S.
23andMe data breach victims get $46.75 mn settlement
23andMe data breach victims get $46.75 mn settlement
23andMe bankruptcy plan administrator will pay $46.75 mn to settle data breach litigation, with cyber insurers funding about $13 mn
Cyber insurance claims quality matters more than policy wording
Cyber insurance claims quality matters more than policy wording
Cyber insurance claims capability determines recovery speed, loss control, and broker confidence when ransomware, data theft, or network outages hit clients
Quantum Bridge raises $8 mn to build quantum-safe cybersecurity
Quantum Bridge raises $8 mn to build quantum-safe cybersecurity
Quantum Bridge raised $8 mn in Series A funding to expand its DSKE protocol and help organizations move toward quantum-safe security
New York DFS issues cyber threat guidance for banks, insurers, and financial firms
New York DFS issues cyber threat guidance for banks, insurers, and financial firms
New York DFS issued guidance for banks, insurers, and financial firms on cybersecurity steps during heightened threat environments
Cyber insurance penetration among North American SMBs and SMEs remains low
Cyber insurance penetration among North American SMBs and SMEs remains low
55% of small and medium-sized businesses in North America lack basic email security protections. KYND found major cyber hygiene gaps among SMBs and SMEs