Cybersecurity News in Asia

Web attacks surge 73% from 2023 to 2024 in the Asia Pacific-Japan region: report

By CybersecAsia editors | Sunday, May 11, 2025, 10:40 AM Asia/Singapore

This is based on one cybersecurity and cloud computing firm’s two year analysis.

Based on its internal user base traffic data for application-layer alerts (Layer 7 DDoS incidents) for a 24-month period from 1 Jan 2023 to 31 Dec 2024, a cybersecurity and cloud computing firm has released some findings to the public.

First, for the period of analysis, customers in the Asia Pacific and Japan (APJ) region had been shown to have experienced a 73% increase in web application attacks year-over-year: the highest percentage increase globally.

Second, in 2024 data, the APJ region recorded a total of 51bn web application attacks, up from 29bn in 2023 data. The finding is that the increase is “closely tied to the rapid adoption of AI applications”.

Other findings

Third, the countries most targeted by web and API attacks in APJ were Australia (20.3bn), India (17.3bn) and Singapore (15.9bn); followed by Japan (6.3bn), China (6.2bn), South Korea (4.9bn), New Zealand (2.9bn), and Hong Kong SAR (2.2bn). Also:

Across APJ data, the most attacked industries were financial services (over 27bn web attacks), followed by commerce (over 18bn web attacks), likely linked to accelerated adoption of emerging technologies such as AI.
For 2024, the data showed the total number of web and API attacks was 311bn, a 33% increase over the firm’s data for past years.
150bn API attacks were counted in the firm’s two-year data set. During this period of analysis, a 94% increase in Layer 7 (application layer) DDoS attacks had occurred, amounting to 7tn attacks globally, with customers in the high-technology sector being the most impacted industry. Shadow and zombie APIs were noted as particularly vulnerable attack vectors.
Monthly attacks had risen from 500bn in early 2023 to more than 1.1tn by the end of 2024. HTTP floods remained the leading Layer 7 DDoS threat, targeting web apps and APIs with persistent severity.
APJ data saw a 66% year-over-year growth in Layer 7 DDoS attacks (the second most targeted region globally) and reached a 24-month high, peaking at 504bn in December 2024. The region experienced 7.4tn attacks over the two years, with digital media platforms, including social media and commerce channels the most impacted sectors.
Over 230bn web attacks in the data had targeted commerce organizations,making it the most impacted industry globally, followed by the high technology industry.
In the data, OWASP API Top 10-related incidents had increased by 32%, while security alerts related to the MITRE security framework were up 30% in the two-year period.

According to Reuben Koh, Director of Security Technology and Strategy, Akamai Technologies (APJ), the firm disclosing its two-year data findings: “As threat actors escalate their attacks in both scale and sophistication, security strategies must thus adapt accordingly.”

The firm has issued recommendations for adopting “a shift-left security approach, strengthening API governance, and deploying AI-powered defenses to detect and mitigate evolving threats.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

Cyber protection for medical clinics in Singapore
As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
India’s WazirX strengthens governance and digital asset security
Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more

Bottom sidebar

Other News

X-PHY Inc Appoints RoBridgeAI as Official Channel Partner for India
Tuesday, March 10, 2026
SINGAPORE, March 9, 2026 /PRNewswire/ …Read More »
DESILO and FHE Inventor Craig Gentry Introduce 5th-Generation “GL” FHE Scheme for Private AI
Monday, March 9, 2026
Debuting at the FHE.org 2026 …Read More »
DoveRunner Expands Presence in Southeast Asia with New Office in Jakarta
Thursday, February 26, 2026
JAKARTA, Indonesia, Feb. 25, 2026 …Read More »
Proofpoint partners with Concentrix to strengthen human- and agent-centric cybersecurity across Asia Pacific
Tuesday, February 24, 2026
Partnership integrates Proofpoint’s collaboration and …Read More »
Indonesia’s MDI Ventures Doubles Down on Execution and Trust to Unlock Regional Portfolio Value
Friday, February 20, 2026
The Telkom-backed VC reinforces cross-sector …Read More »

Featured

Beyond firewalls – addressing cybersecurity blind spots

Featured

Where are financial fraud and AML regulations heading in S E Asia?

Featured