APAC cybercrime surge: what it means for IAM and fraud teams

TL;DR: Cybercrime now exceeds 30% of recorded offenses in over half of surveyed Asia-Pacific countries, with INTERPOL also citing more than 135,000 ransomware-related attacks, a 92% rise in DDoS incidents, and 5.5 phishing clicks per 1,000 people each month. The security lesson is broader than fraud: identity governance, cloud access, and response capacity are being outpaced together.

NHIMG editorial — based on content published by SumSub: INTERPOL warns cybercrime exceeds 30% of recorded crime in much of Asia-Pacific

By the numbers:

• Cybercrime now accounts for more than 30% of recorded offenses in over half of the Asia and South Pacific countries surveyed by INTERPOL.
• Distributed denial-of-service attacks increased by 92% year over year.
• 5.5 in every 1,000 people clicked a phishing link each month, around twice the global average.

Questions worth separating out

Q: How should security teams reduce the risk of phishing-led compromise in high-growth regions?

A: Security teams should prioritise phishing-resistant authentication, close account recovery weaknesses, and harden helpdesk verification before focusing on broader user education.

Q: Why do ransomware and cloud abuse often overlap with identity failures?

A: Ransomware operators frequently rely on stolen credentials, privileged access, or abused service accounts to move laterally and disable recovery.

Q: What do security teams get wrong about cybercrime growth in Asia-Pacific?

A: They often treat the problem as a pure detection or law-enforcement issue.

Practitioner guidance

• Tighten phishing-resistant authentication across high-value accounts Prioritise users, helpdesk personnel, finance teams, and cloud administrators first.
• Reduce standing privilege in cloud and administrative workflows Map privileged human accounts, service accounts, and delegated workflows that can reach ransomware-critical systems.
• Treat service accounts as part of fraud and ransomware defence Inventory non-human identities that can modify records, trigger payments, or move laterally.

What's in the full analysis

SumSub's full article covers the regional threat detail this post intentionally leaves at the strategic level:

• Country-by-country survey context from INTERPOL’s member responses across Asia and the South Pacific.
• The underlying crime patterns behind scams, phishing, ransomware, and DDoS activity in the region.
• Private-sector threat detection figures cited by INTERPOL, useful for comparing public and commercial telemetry.
• Law-enforcement capacity gaps and why they matter for enterprise response planning.

👉 Read SumSub's analysis of INTERPOL's Asia-Pacific cybercrime assessment →

APAC cybercrime surge: what it means for IAM and fraud teams?

Explore further

View Full Forum →  |  NHI Foundation Course →