A new report from Viettel Cyber Security reveals a dramatic escalation in cyberattacks targeting Philippine enterprises in the first half of 2025. The company’s 2025 Mid-Year Cyber Threat Landscape Report highlights a concerning trend: nine ransomware attacks have already been recorded, matching the total number for all of 2024.
The report details a grim six-month period where cybercriminals stole 3.7 million credentials and launched 88 major breach incidents. Sectors hit particularly hard include finance, e-commerce, and healthcare, with attackers using increasingly sophisticated methods like phishing scams and exploiting vulnerabilities in IoT devices.
Key Threats Highlighted in the Report
The report identifies several key trends driving this surge in cybercrime:
- AI-Powered Attacks: Artificial intelligence and deepfake technology are being used to create hyper-personalized phishing attacks and bypass traditional verification systems with realistic fake voices and videos.
- Accessibility of Attacks: The rise of Ransomware-as-a-Service (RaaS) platforms is making advanced attacks accessible to hackers with limited technical skills.
- Evasive Malware: Fileless malware, which runs in a computer’s memory, is becoming more common, allowing it to evade most traditional antivirus software.
- New Vulnerabilities: Poorly secured Internet of Things (IoT) devices and blockchain platforms are opening new doors for attackers to exploit.
The education sector was the top target, accounting for 18.2% of incidents, as large databases and limited cybersecurity budgets make schools easy prey. Government portals followed at 13.6%, often used as testing grounds for new attack methods. The Banking, Financial Services, and Insurance (BFSI) sector experienced 6.8% of attacks, with a focus on credential theft and AI-driven phishing.
A Call to Action for Filipino Businesses
The Viettel Cyber Security report serves as a crucial roadmap for local businesses to build stronger defenses. The company urges enterprises to:
- Implement data leak monitoring and adopt Zero Trust security models.
- Regularly back up critical systems to protect against ransomware.
- Enforce Third-Party Risk Management to secure their supply chains.
- Foster a strong internal security culture among employees.
Viettel Cyber Security’s Threat Intelligence (VCS-TI) team provides expert guidance and early warning systems to help organizations stay ahead of these evolving threats.
The full 2025 Mid-Year Cyber Threat Landscape Report is available for download on the Viettel Cyber Security website.
