Viettel Cyber Security (VCS), one of Asia’s leading cybersecurity firms, today released its Q3 2025 Cyber Threat Landscape Report, underscoring that the Philippines’ rapid digital transformation is rapidly outpacing its defensive capabilities.
The report, the first of its kind released quarterly by a private company specifically focused on the country, details a critical surge: data breach incidents rose by 49%, exposing more than 52 million user credentials in the three months.
The assessment, released during Cybersecurity Awareness Month, highlights that despite the nation’s accelerated push for digitalization, the corresponding security framework has yet to mature. The data reveals the scale of the threat:
- 76 data breach incidents recorded, up 49% from 51 cases in Q2.
- 4.3 million compromised accounts, marking a 73% rise from the previous quarter.
- 7,656 phishing attacks were detected, with 31% specifically aimed at the banking and finance sectors.
“Cybersecurity isn’t about fear, it’s about foresight,” said Thomas Luu, Country Manager at Viettel Cyber Security. “As the Philippines accelerates towards digitalization faster than ever, the importance of security must not be overlooked. Organizations who innovate without the necessary protection in place become vulnerable to risks. Cybersecurity isn’t just a safeguard—it’s an enabler of sustainable digital growth.”
The Age of AI-Driven Deception
The report indicates that a major factor driving the increased breach volume is the arrival of the Age of AI-Driven Deception. Cybercriminals are now industrializing deception, using AI and deepfake technologies to generate highly convincing fraudulent communications, cloned voices, and fake executive messages. When combined with AI-assisted malware, these attacks are proving to be faster, more targeted, and significantly harder for traditional defenses to detect.
The healthcare sector has emerged as the top target for cybercriminals, driven by the growing value of patient data and the increasing adoption of digital health systems. This makes hospitals and clinics prime targets for ransomware attacks that can disrupt critical operations and compromise sensitive medical information. Finance and e-commerce continue to be exploited through phishing and credential theft, while critical infrastructure sectors like manufacturing, energy, and public services are most exposed to ransomware and Advanced Persistent Threats (APTs). The report also notes that ordinary Filipinos are increasingly victimized by scams utilizing leaked personal data, such as fake job listings and fraudulent loan applications.
Building Cyber Resilience
To help organizations navigate this escalating threat landscape, Viettel Cyber Security recommends a four-pronged strategy for achieving Cyber Resilience:
- Vulnerability Management: Regular patching and software updates to close known security gaps.
- Disaster Recovery: Maintaining offline data backups supported by clear disaster recovery procedures.
- Human Firewall: Continuous employee training to enhance awareness and minimize human error.
- 24/7 Monitoring: Utilizing round-the-clock threat monitoring or a managed Security Operations Center (SOC) service for early detection and rapid incident response.
“Cybersecurity has become a marker of leadership and trust, especially in an increasingly digital economy,” Mr. Luu added. “At Viettel Cyber Security, we partner with organizations to build resilience through managed SOC services, empowering businesses to enhance operational efficiency and security management while ensuring 24/7 protection against evolving cyber threats.”
