2025-2026亚洲及南太平洋网络威胁评估报告

LEGAL DISCLAIMER This publication must not be reproduced in whole or in part and in any form without special permissionfrom the copyright holder. When the right to reproduce this publication is granted, INTERPOL wouldappreciate receiving a copy of any publication that uses it as a source. This publication has not been formally edited. The content of this publication does not necessarilyreflect the views or policies of INTERPOL, its member countries, its governing bodies, or contributoryorganizations, nor does it imply any endorsement. The boundaries and names shown, and the designations used on any maps, do not imply officialendorsement or acceptance by INTERPOL. The designations employed and the presentation of thematerial in this publication do not imply the expression of any opinion whatsoever on the part of Any reference to third-party names is for appropriate acknowledgement of their ownership and does notconstitute a sponsorship or endorsement of such owner. INTERPOL does not endorse or recommendany commercial product, process, or service. All reasonable precautions have been taken by INTERPOL to verify the information contained in thispublication. However, the published material is being distributed without warranty of any kind, eitherexpressed or implied. The responsibility for the interpretation and use of the material lies with the INTERPOL takes no responsibility for the continued accuracy of the information or for the content ofany external website. Any links to external websites do not constitute an endorsement by INTERPOLand are only provided as a convenience. It is the responsibility of the reader to evaluate the content TABLE OF CONTENTS FOREWORDABBREVIATIONS AND ACRONYMS ACKNOWLEDGEMENT EXECUTIVE SUMMARY1. INTRODUCTION FOREWORD The Asia and South Pacific region is home to some of the world’s fastest-growing digital economies –and, increasingly, some of its most determined cybercriminals. Rapid connectivity has unlocked immenseopportunity, but uneven cybersecurity maturity across the region continues to create openings that This 2025/2026 INTERPOL Asia and South Pacific Cyber Threat Assessment Report provides a crucial,evidence-based analysis of the multifaceted threats that define our current reality. From the alarmingrise of artificial intelligence (AI)-enabled deepfake scams and industrial-scale fraud operations, to thepersistent scourge of ransomware and the spread of infostealer malware, the challenges are formidable.We are witnessing a surge in cyber-enabled criminal operations across Southeast Asia. Transnationalorganized crime groups have stepped up their activities and established extensive scam centres that,in some cases, resemble modern-day slavery. These developments remind us that cybercrime results Through INTERPOL’s Global Cybercrime Programme and the dedicated efforts of ASPJOC, we arestrengthening the bonds of international cooperation. In February 2025, Operation SECURE broughttogether 26 countries from this region to target infostealers and associated infrastructure in the region.The operation resulted in arrests, server seizures, the takedown of more than 20,000 malicious IPs anddomains, and hundreds of thousands of victim notifications – tangible outcomes that demonstrate whatcoordinated action can achieve and that we intend to scale in the year ahead. The insights contained As my team is based at the INTERPOL Global Complex for Innovation (IGCI) in Singapore, we havea personal connection to this region. I extend my sincere gratitude to all the member countries andpartners who contributed to this vital report. Your collaboration is the cornerstone of our collective Neal JettonDirector, Cybercrime Executive Directorate Investigation Support ABBREVIATIONS AND ACRONYMS ASPJOCAsia and South Pacific Joint Operations against CybercrimeASP DeskAsia and South Pacific DeskAIArtificial IntelligenceAVAnti-VirusBECBusiness E-mail CompromiseCaaSCrimeware-as-a-ServiceC2Command and ControlCARCyber Activity ReportDDoSDistributed Denial of ServiceDNSDomain Name SystemDLPData Loss PreventionEDREndpoint Detection and ResponseFCDOForeign, Commonwealth & Development Office, United KingdomHTTPHyper Text Transfer ProtocolIPInternet ProtocolIOCIndicator Of CompromiseJC3Japan Cybercrime Control CentreMaaSMalware-as-a-ServiceMicrosoft’s DCUMicrosoft’s Digital Crimes UnitMFAMulti-Factor AuthenticationOSOperating SystemPIIPersonal Identifiable InformationRBACRole-Based Access ControlRDPRemote Desktop ProtocolRaaSRansomware-as-a-ServiceRATRemote Access TrojanTLSTransport Layer SecurityUNODCUnited Nations Office on Drugs and CrimeUSBUniversal Serial BusSIEMSecurity Information and Event ManagementSMBServer Message BlockSMSShort Message ServiceSSOSingle Sign-OnVPNVirtual Private NetworkXDReXtended Detection and Response ACKNOWLEDGEMENT This report has been prepared by the Asia and South Pacific Desk through the Asia and South PacificJoint Operations against Cybercrime (ASPJOC), a