The Philippines has emerged among the top 20 countries most frequently impacted by cyber activity in the first half of 2025, according to the latest Microsoft Digital Defense Report 2025. The study reveals a sharp rise in financially motivated attacks, particularly ransomware and extortion, which together account for more than half of all incidents worldwide.
Now on its sixth annual edition, the report analyzes data from July 2024 to June 2025 and details how cybercriminals and nation-state actors are becoming increasingly sophisticated.
Microsoft’s global threat intelligence network processes over 100 trillion signals daily — blocking 4.5 million new malware attempts and screening 5 billion emails for phishing and malicious content. These figures underscore both the vast scale of cyber threats and Microsoft’s vantage point in mapping the global cybersecurity landscape.
Peter Maquera, CEO of Microsoft Philippines
“The Philippines’ inclusion in the top 20 most impacted countries is a wake-up call for organizations across sectors,” said Peter Maquera, CEO of Microsoft Philippines. “Cybersecurity must be treated as a national priority. As digital transformation accelerates, we must ensure that every Filipino — whether in government, healthcare, education, or business — is protected by resilient, modern security solutions.”
Key findings for PH and Southeast Asia
- Rise in identity-based attacks: Identity breaches grew by 32% globally, driven by infostealer malware used to harvest user credentials. The Philippines was notably affected by Lumma Stealer, a malware-as-a-service platform disrupted by Microsoft and global law enforcement in May 2025.
- Critical services under threat: Hospitals, local governments, and schools remain primary targets, often due to outdated systems and limited security budgets.
- AI as a double-edged sword: Threat actors are weaponizing generative AI to scale phishing and social engineering attacks, while defenders use the same technology to detect anomalies and automate responses.
- Nation-state espionage: Chinese threat groups were found targeting Philippine IT, government, and academic institutions as part of wider Southeast Asian espionage campaigns.
The growing sophistication of cyberattacks has also raised alarms in the country’s fintech and digital payments sector, where rapid digital adoption has expanded both opportunities and vulnerabilities. Experts warn that financial platforms — ranging from mobile wallets to neobanks — must strengthen defenses against credential theft, data breaches, and ransomware targeting financial data.
Microsoft’s call to action
Microsoft emphasized that cybersecurity is a shared responsibility among government, private organizations, and individuals. The company strongly recommends adopting phishing-resistant multifactor authentication (MFA), which can block over 99% of identity-based attacks—even when attackers possess valid credentials.
Beyond technical safeguards, Microsoft urges that cybersecurity be integrated into business strategy and governance. The company continues to partner with local government agencies and industries to strengthen digital resilience, share threat intelligence, and protect critical infrastructure.
Through initiatives such as the Secure Future Initiative, Microsoft aims to help Filipino organizations, including those in fintech and finance, stay ahead of evolving cyber risks while embracing digital innovation.
To read the full report, visit: Microsoft Digital Defense Report 2025
