Cybersecurity Challenges in Southeast Asia Amid Global Conflicts
Southeast Asia is increasingly vulnerable to cyber threats as global conflicts, particularly the ongoing US-Israel war with Iran, create ripple effects that extend far beyond the Middle East. Experts warn that state-linked hackers and criminal groups are exploiting the chaos around energy, shipping, and banking networks to target systems across the world.
Iran has threatened to strike economic and banking interests linked to the United States and Israel in the region following an attack on an Iranian bank. Meanwhile, the United Arab Emirates (UAE) reported foiling organized cyberattacks aimed at its digital infrastructure and critical sectors. UAE officials noted that the country experiences between 90,000 and 200,000 breach attempts daily, with over 70% of tracked threat groups classified as state-sponsored or advanced persistent threats.
This growing risk underscores the reality that no nation is immune from cyberattacks, even if it remains neutral in global conflicts. Krishna Rajagopal, CEO of Malaysian cybersecurity firm AKATI Sekurity, emphasized that distance no longer offers protection. “You may not be the target, but you are definitely in the blast radius,” he said. “There is really no such thing as a local cyber incident any more.”
Global Connectivity and Cyber Threats
Many Southeast Asian companies are connected to the same global networks as firms in the Gulf, Europe, and the United States, making them potential targets for cyberattacks. Krishna explained that once a business is tied to the cloud or the internet, it becomes part of the global conflict landscape. “The moment your business is connected to the cloud, to the internet, you’re pretty much connected to every conflict on Earth,” he said.
Amazon Web Services (AWS), the cloud computing arm of Amazon, recently reported that drone strikes linked to the conflict had damaged its facilities in the UAE and Bahrain, disrupting services. Some Southeast Asian firms used these facilities as disaster-recovery sites or secondary infrastructure. However, when disruptions hit, the shift to backup systems failed, leaving them still affected.
Krishna added that modern cyber threats are no longer based on IP addresses but on organizations. “They’re filtering based on organisations,” he said.
Shared Digital Backbone and Regional Vulnerabilities
Ainuddin Wahid Abdul Wahab, an associate professor at Universiti Malaya’s Centre of Research for Cybersecurity and Network, highlighted that Malaysia and other Southeast Asian nations are exposed due to their interconnectedness with the global internet. “Even as neutral parties, our countries are connected to the same backbone of the global internet,” he said.
An attack on a cloud provider or a global bank in the Middle East could still knock systems offline in Kuala Lumpur or Jakarta because overseas branches often rely on the same shared servers and digital infrastructure. “When a cyber strike hits a cloud provider in the Middle East, it creates a digital ricochet,” Ainuddin explained. “Even if our country is neutral, we still drink from the same pipe … our ‘digital water’ comes from the same global tech companies that are currently on the frontline of this conflict.”
Growing Importance of Southeast Asia in the Global Digital Economy
As Southeast Asia becomes more integral to the global digital economy, its exposure to cyber threats increases. Malaysia, in particular, has attracted heavy investment in data centers and cloud infrastructure. Johor has emerged as the main hub, with over 164 billion ringgit (US$41 billion) of projects approved in the second quarter of 2025, according to Reuters.
Major technology companies, including Microsoft, Google, Amazon, Nvidia, and Oracle, have announced investments in Malaysia’s fast-expanding data and AI ecosystem. This makes the region an attractive target for cybercriminals. “Asean can be seen as the world’s storage locker,” Ainuddin said. “We are holding the digital luggage for many of the world’s biggest companies.”
Critical Infrastructure and Cyber Risks
Subsea cables carry more than 95% of international communications and are considered critical infrastructure on par with energy, water, and transport systems. The Centre for Strategic and International Studies warned that the risks facing these cables have never been higher. For trade-dependent economies like Malaysia, Singapore, and Indonesia, these cables underpin everything from port logistics to cross-border payments and cloud traffic.
Kaspersky noted that cyber attacks linked to geopolitical shocks are typically wide-ranging. “Geopolitical tensions inevitably make the global cybersecurity landscape more complex,” the company said. “We may see a sharp rise in hacktivist campaigns, distributed denial-of-service attacks, website defacements, and data leaks carried out by groups seeking to promote their narratives.”
Rising Cybercrime in Southeast Asia
In March 2024, the Malaysian government reported facing about 3,000 cyberattacks a day after Kuala Lumpur voiced support for Palestine during the Gaza war. Malaysia lost over 1.22 billion ringgit (US$310 million) to cybercrime in the first 10 months of 2024, according to police data. In the first quarter of 2025 alone, police recorded 12,110 online fraud cases involving 573.7 million ringgit in losses.
MyCERT, the national computer emergency response team, handled 2,058 incidents in the second quarter of 2025, a 24% increase from the previous quarter, with fraud making up 80% of all reported cases. Kaspersky reported that its enterprise systems blocked 427,265 spyware attacks across Southeast Asia in the first half of 2025, a 70.7% increase from a year earlier. Malaysia accounted for 96,539 of those blocked attacks, a 124% jump, placing it among the region’s most heavily targeted markets.
Preparing for the Future of Cybersecurity
Krishna expressed concern that many Malaysian companies are still underinvesting in cybersecurity despite the structural nature of the threat. “People should start looking at cybersecurity not as a cost centre. They should look at it as the cost of staying in business,” he said.
As global conflicts continue to shape the digital landscape, Southeast Asian nations must adapt to the evolving threat environment. With increasing connectivity and reliance on shared digital infrastructure, the need for robust cybersecurity measures has never been more urgent.
