Can we expect a significant escalation in AI-powered threats in 2025 – such as more sophisticated, hyper-personalized attacks?
With AI, especially generative AI – the latest being China-developed DeepSeek – hogging the headlines in tech news across the region, what does that spell for the cyberthreat landscape in Southeast Asia?
CybersecAsia finds out more about AI-powered threat trends in the region, and what we can do about them, in this Q&A with David Ng, Managing Director of Singapore, Philippines & Indonesia, Trend Micro.
In your opinion, could 2025 be the year of AI-powered threats? Why?
Ng: We can indeed expect a significant escalation in AI-powered threats this year. Cybersecurity Ventures have predicted that cybercrime will reach a staggering cost of over US$10 trillion, and Trend Micro’s research points to AI being a major driver of criminal schemes. In 2025, malicious actors will continue to exploit AI capabilities to enhance, speed up, and improve their operations and schemes.

In particular, more cybercriminals will leverage AI’s ability to enable hyper-personalized attacks that can analyze and exploit individual user habits and needs, making the threat landscape more dangerous than ever before.
The technological convergence we’re witnessing, especially with deepfakes and AI-enabled scams, is making traditional social engineering attacks significantly more sophisticated and harder to detect. While AI presents tremendous opportunities for cybersecurity, organizations need to understand that it’s also introducing new vulnerabilities for which they must prepare.
In what ways would cybercriminals be leveraging AI and related technologies to develop more sophisticated attacks?
Ng: Cybercriminals are set to leverage AI technologies in increasingly sophisticated ways throughout 2025. The most significant development is AI’s ability to break down language and cultural barriers, allowing attackers to operate effectively across different regions without needing local expertise. They also use language models to analyze public posts and create convincing impersonations by mimicking writing styles and personality traits.
On the technical side, criminals are utilizing generative AI to develop and modify malware more efficiently, while also targeting AI platforms themselves to disrupt operational supply chains. The automation capabilities of AI are particularly concerning, as they allow attackers to scale their operations and conduct multiple sophisticated attacks simultaneously with minimal human intervention.
Is there a dark side to AI agents in the enterprise? What can we do about that?
Ng: A significant dark side exists to AI agents in enterprise environments, particularly regarding visibility and control. AI agents operating autonomously within enterprise systems can create complex chains of events that become increasingly difficult for human operators to monitor and understand.
This lack of visibility presents a serious security concern, as organizations struggle to maintain control over AI actions in real time.
To address these risks, organizations must implement a holistic, unified cybersecurity approach, specifically designed for AI operations, establish robust pre- and post-implementation security measures, and ensure thorough validation of all AI inputs and outputs.
It’s critical for enterprises to recognize that AI agents, while powerful tools for automation and efficiency, require specialized security frameworks that go beyond traditional cybersecurity measures.
How should organizations in Southeast Asia safeguard their businesses against hidden vulnerabilities resulting from the growing exploitation of legitimate tools by ransomware groups to sneak into enterprise networks undetected?
Ng: Organizations in Southeast Asia face unique challenges in protecting against the exploitation of legitimate tools by ransomware groups. According to our 2024 Cyber Risk Report, the region shows an average risk index of 43.2, comparable to the global average of 43.4. However, within Southeast Asia, certain sectors face elevated risk levels — telecommunications shows the highest risk with a score of 52.6, followed by agriculture at 50.1 and education at 49.8.
The mean time to patch vulnerabilities in Southeast Asia averages 30.5 days, which is slightly higher than the global average of 29.3. Improving this timing is crucial, as prompt patching is essential for maintaining robust security defenses.
The data also reveals that larger organizations in the region (2,001-5,000 employees) face higher risk indices (48.3) compared to smaller organizations (40.9 for 101-500 employees, 39.6 for 1-100 employees). This suggests that scalable security solutions are particularly crucial for larger enterprises in the region.
To mitigate these risks, organizations ought to take a proactive approach to bolster their cyber defenses with an AI-powered cybersecurity platform that provides enhanced visibility tools, behavioral monitoring across all system layers, and active participation in threat intelligence platforms. Additionally, organizations should leverage AI in their cyber defenses for advanced threat detection to predict potential security breaches and automate responses to attacks.