Cybersecurity News in Asia

Web attacks surge 73% from 2023 to 2024 in the Asia Pacific-Japan region: report

By CybersecAsia editors | Sunday, May 11, 2025, 10:40 AM Asia/Singapore

This is based on one cybersecurity and cloud computing firm’s two year analysis.

Based on its internal user base traffic data for application-layer alerts (Layer 7 DDoS incidents) for a 24-month period from 1 Jan 2023 to 31 Dec 2024, a cybersecurity and cloud computing firm has released some findings to the public.

First, for the period of analysis, customers in the Asia Pacific and Japan (APJ) region had been shown to have experienced a 73% increase in web application attacks year-over-year: the highest percentage increase globally.

Second, in 2024 data, the APJ region recorded a total of 51bn web application attacks, up from 29bn in 2023 data. The finding is that the increase is “closely tied to the rapid adoption of AI applications”.

Other findings

Third, the countries most targeted by web and API attacks in APJ were Australia (20.3bn), India (17.3bn) and Singapore (15.9bn); followed by Japan (6.3bn), China (6.2bn), South Korea (4.9bn), New Zealand (2.9bn), and Hong Kong SAR (2.2bn). Also:

Across APJ data, the most attacked industries were financial services (over 27bn web attacks), followed by commerce (over 18bn web attacks), likely linked to accelerated adoption of emerging technologies such as AI.
For 2024, the data showed the total number of web and API attacks was 311bn, a 33% increase over the firm’s data for past years.
150bn API attacks were counted in the firm’s two-year data set. During this period of analysis, a 94% increase in Layer 7 (application layer) DDoS attacks had occurred, amounting to 7tn attacks globally, with customers in the high-technology sector being the most impacted industry. Shadow and zombie APIs were noted as particularly vulnerable attack vectors.
Monthly attacks had risen from 500bn in early 2023 to more than 1.1tn by the end of 2024. HTTP floods remained the leading Layer 7 DDoS threat, targeting web apps and APIs with persistent severity.
APJ data saw a 66% year-over-year growth in Layer 7 DDoS attacks (the second most targeted region globally) and reached a 24-month high, peaking at 504bn in December 2024. The region experienced 7.4tn attacks over the two years, with digital media platforms, including social media and commerce channels the most impacted sectors.
Over 230bn web attacks in the data had targeted commerce organizations,making it the most impacted industry globally, followed by the high technology industry.
In the data, OWASP API Top 10-related incidents had increased by 32%, while security alerts related to the MITRE security framework were up 30% in the two-year period.

According to Reuben Koh, Director of Security Technology and Strategy, Akamai Technologies (APJ), the firm disclosing its two-year data findings: “As threat actors escalate their attacks in both scale and sophistication, security strategies must thus adapt accordingly.”

The firm has issued recommendations for adopting “a shift-left security approach, strengthening API governance, and deploying AI-powered defenses to detect and mitigate evolving threats.”

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keep members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more
Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more
Upgrading biometric authentication system protects customers in the Philippines: UnionDigital Bank
An improved dual-liveness biometric framework can counter more deepfake threats, ensure compliance, and protect underbanked …Read more

Bottom sidebar

Other News

RegASK Achieves ISO 27701 Privacy Certification, Strengthening Verifiable Trust in the AI Era
Tuesday, January 27, 2026
Agentic AI regulatory intelligence leader …Read More »
NopalCyber Named a Top 250 Global MSSP for Second Consecutive Year
Wednesday, January 21, 2026
HYDERABAD, India, Jan. 20, 2026 …Read More »
RSUPPORT Validates Top-Tier Security with ISO/IEC 27001 and 27017 Certifications
Monday, January 19, 2026
Asia’s No.1 Remote Solutions Provider …Read More »
Black Box Names Sameer Batra as Chief Business Officer to accelerate International Markets Growth
Wednesday, January 14, 2026
New leader to drive customer …Read More »
Advantech Partners with MediaTek to Achieve IEC 62443-4-2 Certification for Their First Arm-Based Industrial SBC
Wednesday, January 14, 2026
TAIPEI, Jan. 6, 2026 /PRNewswire/ …Read More »

Featured

Rethinking customer identity for financial cybersecurity

Featured

How AI is supercharging state-sponsored threat actors in Asia Pacific

Featured