Ransomware attacks across the Asia-Pacific region surged 59 percent in 2025, with new research suggesting that the rapid adoption of artificial intelligence by organisations is creating new vulnerabilities for cybercriminals to exploit.
A joint report from cybersecurity and corporate intelligence firm S-RM and global stakeholder strategy firm FGS Global found that more than 770 organisations across the region were named on ransomware leak sites last year. Ransomware accounted for 64 percent of incidents handled by the firm in Asia-Pacific, significantly higher than the global average of 45 percent.
East and Southeast Asia experienced the largest increase globally, with ransomware incidents rising by 71 percent year-on-year. Financial services was identified as the most targeted sector, accounting for 20 percent of reported incidents.
Researchers say the surge is being driven by the region’s rapid digital transformation, which has expanded the attack surface for threat actors. As businesses increasingly adopt cloud platforms, online services and AI-powered workflows, attackers are finding new opportunities to exploit operational gaps.
The report warns that the growing use of AI agents within corporate systems may be creating new pathways for cyber attacks. These AI systems can operate with privileged access to sensitive data and internal systems, creating what researchers describe as “opaque intermediaries” that attackers may be able to manipulate.
Cybercriminals are also adopting increasingly sophisticated extortion tactics. According to the report, attackers are using stricter privacy and data breach regulations as leverage during ransom negotiations, threatening to publicly release stolen information in ways that could trigger regulatory penalties.
In addition, ransomware groups are increasingly engaging directly with the media, briefing journalists via encrypted messaging platforms about stolen data and system vulnerabilities. Some groups are also monitoring company statements during cyber incidents and publicly challenging attempts by organisations to minimise the impact of breaches.
The report identified a new wave of ransomware groups that appear to be focusing heavily on Asia-Pacific. Groups including NightSpire, Dire Wolf, Gentlemen and Crypto24 — all first observed in 2025 — directed between 31 percent and 50 percent of their attacks at organisations in the region. Qilin, the most prolific ransomware group globally last year, was also the most active group targeting Asia-based companies.
Lester Lim, Regional Head of Cyber Security for Asia-Pacific at S-RM, said the region’s economic growth and rapid digitalisation have made it an increasingly attractive target for cybercriminals.
“Asia-Pacific’s economic success has made the region an attractive target for cyber criminals,” Lim said.
“Corporates face a perfect storm of increased regulation, greater stakeholder demands in the event of a cyber-attack and a more fragmented threat actor landscape attracting criminals of escalating sophistication.”
Kyle Schwaeble, Head of Incident Response for Asia-Pacific at S-RM, said the rush to deploy AI technologies without adequate security controls is increasing organisational risk.
“As organizations rapidly adopt AI to drive economic efficiency, they are inadvertently handing a powerful toolkit to adversaries who are now moving from intrusion to extortion in hours rather than weeks,” Schwaeble said.
“It is evident the rush to embed AI agents without robust security protocols is creating a significant risk environment.”
The report also warns that ransomware attacks are becoming faster and more automated. What once took attackers weeks to execute can now be completed in days or even hours, increasing the pressure on organisations to detect and respond quickly.
For corporate boards, ransomware is increasingly becoming both a cybersecurity and reputational crisis. Ben Richardson, Head of Asia at FGS Global, said organisations must prepare for the operational, regulatory and public communication challenges that often follow a cyberattack.
“A holistic, agile approach will be the difference between recovery and lasting damage,” Richardson said.
The report concludes that organisations across Asia-Pacific will need to strengthen cyber resilience as AI adoption accelerates, ensuring that new technologies are integrated with strong security controls, monitoring systems and incident response plans.
You can read the full report here.
