The State of APAC Cybersecurity: CNC Intelligence Overwatch Report - July 2025

The Qantas incident has been tentatively attributed to the Scattered Spider group, a sophisticated cybercriminal organization that has demonstrated remarkable adaptability and technical capability in recent operations [13]. This attribution is particularly concerning given Scattered Spider's documented evolution from traditional phishing and SIM-swapping operations into full-scale ransomware and data theft campaigns. The group's shift toward aviation sector targeting represents a strategic decision that reflects both the high value of aviation customer databases and the sector's potential vulnerabilities in third-party integrations.

The Federal Bureau of Investigation issued a specific warning on June 27, 2025, stating that it has "observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector" and cautioning that "anyone in the aviation industry should be aware of this threat" [2]. This warning came in the context of multiple aviation sector incidents, including attacks on Hawaiian Airlines and WestJet, suggesting a coordinated campaign rather than isolated incidents.

The technical methodology employed in the Qantas breach demonstrates the sophisticated nature of modern supply chain attacks. Rather than directly targeting Qantas's primary systems, the attackers focused on a third-party customer service platform that contained extensive customer personal information. This approach reflects an understanding of the aviation industry's complex ecosystem of service providers and the potential vulnerabilities that exist at the intersection of these relationships.

The compromised data includes names, email addresses, phone numbers, dates of birth, and Frequent Flyer numbers—information that can be leveraged for identity theft, social engineering attacks, and targeted phishing campaigns. While Qantas has confirmed that no credit card information, financial data, or login credentials were accessed, the scope of personal information compromised creates significant risks for affected customers and potential secondary attack vectors for cybercriminals.

The aviation sector's vulnerability to cyber attacks stems from several structural factors that make it an attractive target for sophisticated threat actors. Airlines operate complex digital ecosystems that integrate reservation systems, customer relationship management platforms, operational technology, and third-party service providers. This complexity creates multiple potential attack vectors and makes comprehensive security oversight challenging.

Furthermore, the aviation industry's customer databases represent particularly valuable targets for cybercriminals due to the demographic characteristics of frequent travelers, who often represent higher-income individuals with significant digital footprints. The travel patterns and personal information contained in airline databases can be used to construct detailed profiles for targeted attacks or sold on dark web marketplaces for premium prices.

The international nature of aviation operations also creates jurisdictional challenges for incident response and law enforcement cooperation. When attacks span multiple countries and involve various regulatory frameworks, the coordination required for effective response becomes significantly more complex, potentially providing threat actors with additional time to achieve their objectives.

The scale of cybercrime in Malaysia reflects broader regional trends toward more sophisticated and persistent criminal operations. The National Cyber Coordination and Command Centre reported 4,626 cybersecurity incidents in 2024, representing a 43% increase from the previous year [14]. This dramatic escalation suggests that cybercriminal organizations are finding Malaysia to be a profitable operating environment, potentially due to gaps in cybersecurity awareness, regulatory enforcement, or technical defensive capabilities.

The types of scams affecting Malaysian victims span a wide range of methodologies, from traditional advance fee fraud to sophisticated social engineering attacks that leverage artificial intelligence and deepfake technology. The increasing sophistication of these operations reflects the professionalization of cybercrime in Southeast Asia, where criminal organizations have developed sustainable business models that can adapt to changing technological and regulatory environments.

The increase in cyber attacks against Thailand coincides with the country's accelerated digital transformation initiatives and growing integration with global technology supply chains. As Thai businesses and government agencies adopt cloud computing, artificial intelligence, and Internet of Things technologies, they create new attack surfaces that sophisticated threat actors can exploit.

The use of AI in cybercriminal operations extends beyond simple automation to include sophisticated social engineering attacks that can adapt in real-time to victim responses. Deepfake technology has been successfully deployed in business email compromise attacks, with cybercriminals creating convincing video and audio content that appears to come from trusted executives or business partners. The success rate of these AI-enhanced attacks is significantly higher than traditional social engineering approaches.

Machine learning algorithms are being employed to optimize attack timing and targeting, with cybercriminal organizations using AI to analyze victim behavior patterns and identify optimal moments for attack deployment. This approach has proven particularly effective in ransomware operations, where AI systems can predict when organizations are most likely to pay ransoms based on operational patterns and financial indicators.

The democratization of AI tools has also lowered the technical barriers to conducting sophisticated cyber attacks. Previously complex operations that required specialized technical knowledge can now be automated through AI systems, enabling less sophisticated threat actors to conduct attacks that were previously beyond their capabilities.

The defensive implications of AI-powered cybercrime are profound, as traditional security approaches that rely on pattern recognition and signature-based detection may prove inadequate against attacks that can adapt and evolve in real-time. Organizations are being forced to develop AI-powered defensive capabilities that can operate at the speed and scale required to counter these evolving threats.

The implications of quantum computing advances extend beyond theoretical concerns to practical considerations for organizations that must begin planning for post-quantum cryptography transitions. The timeline for quantum computers to threaten current encryption standards has been accelerated by recent breakthroughs, with some experts now predicting that cryptographically relevant quantum computers could emerge within the next decade.

Government agencies across the Asia-Pacific region are beginning to implement quantum-safe cryptographic standards in anticipation of future quantum threats. Japan's National Institute of Standards and Technology has established a timeline for transitioning government systems to post-quantum cryptography by 2030, while Singapore has launched a national quantum-safe initiative that includes both government and private sector participation [23].

The economic implications of quantum computing advances are significant, as organizations that fail to prepare for post-quantum cryptography may find their systems vulnerable to attack once quantum computers mature. The cost of transitioning to quantum-safe systems is substantial, but the potential consequences of failing to prepare are even greater.

International cooperation on quantum-safe standards has become increasingly important as the threat materializes. The development of compatible post-quantum cryptographic standards requires coordination between nations to ensure that secure communications can continue across borders once quantum computers become capable of breaking current encryption methods.

The Active Cyber Defense Law authorizes Japanese government agencies to conduct preemptive cyber operations against imminent threats to critical infrastructure and national security systems. This includes the ability to access and neutralize malicious infrastructure before attacks are launched, marking a fundamental shift from reactive to proactive cybersecurity postures. The law establishes strict oversight mechanisms and requires judicial approval for operations that involve accessing systems outside Japanese jurisdiction.

The implementation of active cyber defense capabilities comes in response to escalating threats from state-sponsored actors, particularly those attributed to China and North Korea. Japanese officials have documented a 340% increase in sophisticated cyber attacks targeting government systems and critical infrastructure over the past 18 months, with particular focus on semiconductor manufacturing facilities and defense contractors [16].

The law also establishes new cybersecurity requirements for the semiconductor industry, reflecting Japan's recognition that chip manufacturing represents a critical national security asset that requires enhanced protection. These guidelines mandate specific security controls for facilities involved in advanced semiconductor production and establish information sharing requirements between industry and government agencies.

International reactions to Japan's Active Cyber Defense Law have been mixed, with allied nations generally supportive while China and Russia have expressed concerns about the potential for escalatory cyber operations. The law includes provisions for coordination with international partners and establishes protocols for avoiding unintended conflicts in cyberspace.

This legislation represents one of the most aggressive approaches to combating cybercrime adopted by any government in the Asia-Pacific region. The law establishes a 48-hour emergency freeze authority that can be applied to any financial account where there is reasonable suspicion of involvement in cybercriminal activities. Account holders have the right to immediate appeal, but the burden of proof shifts to demonstrating legitimate use of frozen funds.

The implementation of these powers comes in response to Singapore's position as a major financial hub that has become increasingly targeted by sophisticated scam operations. The Monetary Authority of Singapore reported that financial losses from cybercrime increased by 156% in 2024, with total losses exceeding S$2.8 billion [18]. The new legislation is designed to disrupt the financial infrastructure that enables large-scale cybercrime operations.

The anti-scam framework also establishes enhanced information sharing requirements between financial institutions and law enforcement agencies. Banks are now required to report suspicious transactions in real-time and provide immediate access to transaction records when requested by authorized investigators. These requirements are supported by artificial intelligence systems that can identify potentially fraudulent patterns and automatically trigger reporting mechanisms.

International financial institutions operating in Singapore have expressed concerns about the potential impact on legitimate business operations and customer privacy. The government has established a rapid appeal process and committed to regular review of the legislation's implementation to address legitimate concerns while maintaining its effectiveness against cybercrime.

The updated framework expands the definition of critical information infrastructure to include artificial intelligence systems, quantum computing facilities, and advanced manufacturing systems. Organizations operating these systems are now subject to enhanced security requirements and must undergo regular cybersecurity assessments conducted by government-approved agencies.

China's approach to AI governance has also evolved significantly, with new regulations requiring approval for AI systems that could impact national security or social stability. The framework establishes a tiered approval process based on the potential impact of AI applications, with the most sensitive systems requiring approval from the Cyberspace Administration of China [20].

The regulatory changes reflect China's growing emphasis on technological sovereignty and its determination to maintain control over critical digital infrastructure. The new requirements have significant implications for international businesses operating in China and may affect global supply chains that depend on Chinese technology components.

International reactions to China's regulatory evolution have been largely critical, with concerns expressed about the potential for these requirements to be used for economic espionage or to disadvantage foreign competitors. The European Union and United States have both indicated that they are reviewing the implications of China's new regulations for their own cybersecurity policies.

The task force operates under the direct authority of the Ministry of Communication and Information Technology and includes representatives from the National Cyber and Crypto Agency (BSSN), the Indonesian military's cyber command, academic institutions, and private sector technology companies. This multi-stakeholder approach ensures that policy development incorporates diverse perspectives and technical expertise while maintaining government oversight of critical cybersecurity initiatives.

The task force's mandate encompasses three primary areas of responsibility: strengthening digital resilience across critical infrastructure sectors, ensuring that AI governance frameworks respect human rights and democratic values, and developing capabilities to address AI-enhanced cyber threats. This comprehensive approach reflects an understanding that the integration of artificial intelligence into both offensive and defensive cyber operations requires fundamental changes in how governments approach cybersecurity policy and implementation.

Indonesia's cybersecurity challenges have intensified significantly in recent years, with more than 330.5 million digital anomalies recorded in 2024, representing a dramatic increase in threat activity compared to previous years [29]. This escalation reflects both the growing sophistication of threat actors targeting Indonesian systems and the country's increasing attractiveness as a target for cybercriminal and state-sponsored operations due to its large digital economy and strategic geographic position.

The National Cyber and AI Task Force has identified several priority areas for immediate action, including the development of AI-powered threat detection systems for critical infrastructure protection, the establishment of public-private partnerships for cybersecurity information sharing, and the creation of educational programs to build cybersecurity awareness among citizens and businesses. These initiatives are designed to address both immediate security needs and long-term capacity building requirements.

The task force has also been tasked with developing Indonesia's position on international cybersecurity cooperation and AI governance frameworks. This includes participation in ASEAN cybersecurity initiatives, engagement with global AI governance discussions, and the development of bilateral cybersecurity partnerships with key allies and partners. Indonesia's approach emphasizes the importance of maintaining national sovereignty while participating in international cooperation mechanisms.

One of the most significant aspects of Indonesia's approach is its emphasis on ensuring that AI development and deployment align with Indonesian cultural values and democratic principles. The task force has been specifically mandated to ensure that AI governance frameworks protect human rights, promote social inclusion, and prevent the use of AI technologies for authoritarian surveillance or social control purposes.

The Computer Emergency Response Team of India (CERT-In) has documented a substantial increase in ransomware incidents targeting Indian organizations across multiple sectors, including healthcare, financial services, manufacturing, and government agencies. The total cost of recovery from ransomware attacks typically exceeds $1 million for most organizations, demonstrating the comprehensive impact of these incidents beyond the immediate ransom demands.

India's response strategy includes several key components designed to address both immediate threats and long-term resilience building. The government has established enhanced information sharing mechanisms between CERT-In and private sector organizations, enabling more rapid threat intelligence dissemination and coordinated response efforts. These mechanisms include real-time threat feeds, incident reporting protocols, and technical assistance programs for organizations facing active ransomware attacks.

The Indian government has also launched a national cybersecurity awareness campaign specifically focused on ransomware prevention and response. This campaign targets both organizational decision-makers and individual users, providing guidance on backup strategies, security hygiene practices, and incident response procedures. The campaign emphasizes the importance of not paying ransoms and provides resources for organizations to develop alternative recovery strategies.

India's approach to ransomware response also includes significant investment in quantum computing research and post-quantum cryptography development. The government has recognized that quantum computing advances, particularly those demonstrated by China, represent a long-term threat to current encryption standards and has initiated programs to develop quantum-safe cryptographic systems for critical infrastructure protection.

The Indian Space Research Organisation (ISRO) and the Department of Science and Technology have launched joint initiatives to develop quantum communication networks and quantum-safe encryption systems. These initiatives are designed to ensure that India maintains technological sovereignty in critical cybersecurity technologies while contributing to global quantum-safe standards development.

India has also strengthened its international cybersecurity cooperation, particularly with the United States through an expanded cybersecurity partnership that includes joint threat intelligence sharing, coordinated response to state-sponsored cyber activities, and collaborative research and development initiatives. This partnership is designed to address emerging threats such as quantum computing attacks on encryption systems and AI-powered cyber operations.

The partnership also includes collaborative research and development initiatives aimed at addressing emerging threats such as quantum computing attacks on encryption systems and AI-powered cyber operations. These initiatives are designed to ensure that democratic nations maintain technological advantages in cybersecurity capabilities while promoting responsible AI development and deployment practices.

The Chinese government has also strengthened its regulatory framework for cybersecurity and data governance, implementing new requirements that significantly expand the scope of critical information infrastructure. These changes affect international businesses operating in China and reflect the government's determination to maintain control over critical digital systems and data flows.

China's approach to artificial intelligence governance has evolved to include specific requirements for AI systems that could impact national security or social stability. The new framework establishes a comprehensive approval process for AI applications and creates new categories of restricted AI technologies that cannot be exported without government approval.

The semiconductor industry has become a particular focus of Japan's cybersecurity efforts, with new guidelines establishing specific security requirements for advanced chip manufacturing facilities. These requirements reflect Japan's recognition that semiconductor production represents a critical national security asset that requires enhanced protection against both cybercrime and state-sponsored espionage.

Japan's cybersecurity cooperation with international partners has also expanded significantly, with new information sharing arrangements with NATO and enhanced coordination with Five Eyes nations. These partnerships are designed to address the growing sophistication of state-sponsored cyber threats, particularly those attributed to China and North Korea.

The types of attacks targeting South Korea have evolved to include sophisticated AI-powered operations that can adapt to defensive measures in real-time. North Korean threat actors have demonstrated particular sophistication in cryptocurrency theft operations, using AI tools to automate attack processes and evade detection systems.

South Korea's response to escalating cyber threats has included enhanced cooperation with international partners and significant investment in AI-powered defensive capabilities. The government has established new cybersecurity requirements for critical infrastructure sectors and implemented enhanced information sharing mechanisms with allied nations.

The use of AI in North Korean cyber operations extends beyond simple automation to include sophisticated social engineering attacks and adaptive malware that can modify its behavior based on target environment characteristics. These capabilities have enabled North Korean groups to conduct attacks at unprecedented scale while maintaining operational security.

The economic motivation behind North Korean cyber operations has intensified as international sanctions have limited other sources of foreign currency. Cybercrime has become a critical component of the country's economic strategy, with estimated annual revenues from cyber operations exceeding $1 billion.

The Cyber Security Agency of Singapore has revealed concerning statistics about public vulnerability to AI-generated content, with only 25% of citizens able to accurately identify deepfake videos despite 78% expressing confidence in their detection abilities. This gap has prompted the development of comprehensive public education initiatives and the integration of deepfake detection capabilities into government communication systems.

Singapore's anti-scam legislation represents one of the most aggressive approaches to combating cybercrime adopted in the region. The new framework grants law enforcement agencies unprecedented powers to freeze financial accounts and halt transactions suspected of involvement in cybercriminal activities, reflecting the government's determination to disrupt the financial infrastructure that enables large-scale cybercrime operations.

The task force's mandate includes strengthening digital resilience across critical infrastructure sectors, ensuring that AI governance frameworks respect human rights, and developing capabilities to address AI-enhanced cyber threats. This comprehensive approach reflects an understanding that the integration of artificial intelligence into both offensive and defensive cyber operations requires fundamental changes in how governments approach cybersecurity policy.

Indonesia's cybersecurity challenges have intensified significantly, with more than 330.5 million digital anomalies recorded in 2024, representing a dramatic increase in threat activity. This escalation reflects both the growing sophistication of threat actors and Indonesia's increasing attractiveness as a target for cybercriminal and state-sponsored operations.

The Australian Cyber Security Centre has issued enhanced threat advisories for critical infrastructure sectors and implemented new information sharing requirements designed to improve early warning capabilities. The government has also announced plans to strengthen cybersecurity requirements for third-party service providers that handle sensitive customer information.

Australia's response to the Qantas breach includes enhanced cooperation with Five Eyes partners and the development of new threat intelligence sharing mechanisms specifically designed to address sophisticated cybercriminal organizations that operate across multiple jurisdictions.

The New Zealand government has implemented new cybersecurity requirements for critical infrastructure sectors and established enhanced information sharing mechanisms with international partners. These initiatives are designed to address the growing sophistication of cyber threats and the need for coordinated responses that transcend national boundaries.

The climate-cyber security nexus has become a particular concern for Pacific Island nations, as climate change impacts on physical infrastructure create new vulnerabilities that cyber attackers can exploit. The interdependence between physical and digital infrastructure means that climate-related disruptions can create cascading effects that affect cybersecurity resilience.

Australia and New Zealand have launched enhanced capacity building initiatives designed to strengthen cybersecurity capabilities across the Pacific Islands region. These programs focus on developing basic cybersecurity capabilities, establishing incident response procedures, and creating regional information sharing mechanisms.

July 2025 Regional Events

China Cybersecurity Week 2025 - BeijingDate: July 8-14, 2025Focus: National cybersecurity strategy, AI governance frameworks, quantum-safe cryptography, and Belt and Road Initiative cyber cooperation. Expected announcements on China's new cybersecurity law amendments and AI regulation framework.

ASEAN Digital Ministers Meeting - JakartaDate: July 10-11, 2025Focus: Regional cybersecurity cooperation, cross-border data governance, and coordinated response to transnational cybercrime. Key discussions on the $12.5 billion scam industry and enhanced law enforcement cooperation.

Pacific Islands Cybersecurity Summit - Suva, FijiDate: July 12-13, 2025Focus: Small island developing states cybersecurity resilience, climate-cyber nexus, and capacity building initiatives. Following Tonga's recent cyber incident, emphasis on regional preparedness.

Japan-Korea Cyber Defense Dialogue - SeoulDate: July 18-19, 2025Focus: North Korean cyber threats, AI-powered attack defense, and semiconductor supply chain security. Joint response to 48% increase in South Korean cyber incidents.

Central Asia Cyber Cooperation Forum - Almaty, KazakhstanDate: July 20-21, 2025Focus: Regional cyber threat intelligence sharing, critical infrastructure protection, and China-Central Asia cyber cooperation under Belt and Road Initiative.

Australia-New Zealand Cyber Partnership Summit - CanberraDate: July 25-26, 2025Focus: Five Eyes cybersecurity cooperation, Scattered Spider threat response, and Pacific region cyber capacity building following Qantas breach.

Taiwan Cybersecurity Conference 2025 - TaipeiDate: July 28-30, 2025Focus: Cross-strait cyber threats, AI-powered defense systems, and semiconductor cybersecurity. Expected to address 13,000 daily cyber threats and Silver Fox campaign.

August 2025 Strategic Gatherings

China-Russia Cyber Cooperation Summit - VladivostokDate: August 5-6, 2025Focus: Strategic cyber partnership, joint threat intelligence, and coordinated responses to Western cyber operations. Expected to formalize enhanced cyber cooperation agreements.

QUAD Cybersecurity Ministers Meeting - New DelhiDate: August 8-9, 2025Focus: Indo-Pacific cyber resilience, China threat assessment, and coordinated response to state-sponsored cyber activities. Building on US-India expanded partnership.

Mongolia Cybersecurity Development Forum - UlaanbaatarDate: August 12-13, 2025Focus: Landlocked nation cybersecurity challenges, China-Russia cyber influence, and international cooperation frameworks.

Philippines Cyber Defense Summit - ManilaDate: August 15-16, 2025Focus: South China Sea cyber threats, critical infrastructure protection, and US-Philippines cyber cooperation enhancement.

Indonesia National Cyber and AI Conference - JakartaDate: August 19-21, 2025Focus: National Cyber and AI Task Force initiatives, digital resilience strategy, and ASEAN cyber cooperation leadership.

North Korea Cyber Threat Assessment Conference - Virtual/SeoulDate: August 22-23, 2025Focus: AI-powered North Korean cyber operations, cryptocurrency theft automation, and regional defense coordination.

Pacific Cyber Resilience Workshop - Port Moresby, Papua New GuineaDate: August 26-27, 2025Focus: Climate-cyber security nexus, small island state vulnerabilities, and Australia-led capacity building initiatives.

China AI Governance Summit - ShenzhenDate: August 29-30, 2025Focus: AI regulation implementation, quantum computing governance, and international AI cooperation frameworks.

Government and Defense Summits

ASEAN Defense Ministers Meeting Plus (ADMM-Plus) Cyber Track - BruneiDate: July 15-16, 2025Focus: Regional cyber defense cooperation, threat intelligence sharing, and coordinated response to state-sponsored activities.

Shanghai Cooperation Organization (SCO) Cyber Security Working Group - TashkentDate: July 22-23, 2025Focus: Central Asia cyber threats, China-Russia-Central Asia cooperation, and counter-terrorism cyber operations.

Pacific Islands Forum Cyber Resilience Initiative - Nuku'alofa, TongaDate: August 10-11, 2025Focus: Post-incident recovery, regional cyber capacity building, and Australia-New Zealand support mechanisms.

BRICS+ Cybersecurity Cooperation Meeting - Kazan, RussiaDate: August 18-19, 2025Focus: Alternative cyber governance frameworks, de-dollarization cybersecurity, and China-Russia-Iran cyber cooperation.

AI and Technology Development Summits

China AI Innovation Conference - HangzhouDate: July 5-7, 2025Focus: Quantum-AI convergence, cybersecurity applications, and international AI competition dynamics.

Singapore AI Governance Summit - SingaporeDate: July 17-18, 2025Focus: Responsible AI deployment, cybersecurity integration, and regional AI cooperation frameworks.

Japan Quantum Computing Security Conference - TokyoDate: August 7-8, 2025Focus: Post-quantum cryptography, semiconductor security, and quantum-safe infrastructure development.

South Korea AI-Cyber Convergence Summit - BusanDate: August 14-15, 2025Focus: AI-powered cyber defense, North Korean AI threats, and regional technology cooperation.

July 2025 Expected Publications

China Cybersecurity White Paper 2025 - Expected July 10Comprehensive assessment of national cybersecurity posture, AI governance framework, and international cooperation strategy.

ASEAN Cybersecurity Outlook 2025 - Expected July 15Regional threat assessment, cross-border cybercrime analysis, and cooperation framework evaluation.

Australia Cyber Security Strategy Review - Expected July 20Post-Qantas breach assessment, Scattered Spider threat analysis, and enhanced defense recommendations.

Japan Semiconductor Cybersecurity Guidelines - Expected July 25Final implementation framework for chip industry security, quantum-safe requirements, and supply chain protection.

Singapore AI Governance Framework Update - Expected July 30Enhanced deepfake detection capabilities, public awareness initiatives, and regulatory framework updates.

August 2025 Intelligence Assessments

US-China Cyber Competition Assessment - Expected August 5Comprehensive analysis of strategic cyber competition, quantum computing implications, and regional impact assessment.

North Korea Cyber Capabilities Report - Expected August 10AI-enhanced cyber operations, cryptocurrency theft automation, and regional threat projection.

QUAD Cybersecurity Cooperation Review - Expected August 15Partnership effectiveness assessment, China threat response, and enhanced cooperation recommendations.

Southeast Asia Cybercrime Industry Analysis - Expected August 20$12.5 billion scam industry deep dive, law enforcement cooperation assessment, and disruption strategy recommendations.

Pacific Islands Cyber Resilience Assessment - Expected August 25Climate-cyber nexus analysis, vulnerability assessment, and capacity building recommendations.

Central Asia Cyber Threat Landscape - Expected August 30Regional threat assessment, China-Russia influence analysis, and international cooperation framework evaluation.

This comprehensive intelligence report employs a cross-mix of references and resources utilizing both quantitative data analysis and qualitative research methodologies to provide a multi-dimensional assessment of the Asia-Pacific cybersecurity landscape. The analytical framework incorporates cross-sectional examination of government publications, official agency statements, academic research, industry reports, and real-time news sources to deliver a sectorial view that extends beyond traditional publication and government-available official sites. The methodology encompasses systematic monitoring of 38+ major Asian publications, government agencies, technology vendors, and academic institutions, with data aggregation spanning multiple time zones and jurisdictional frameworks to capture the dynamic nature of cybersecurity developments across the Indo-Pacific region.

While all attempts have been made to ensure that sources and quotes are accurate and represent the best available intelligence, the CNC Analyst Team cannot guarantee that all sources are double-verified due to the rapid-evolving nature of cybersecurity incidents and the complexity of cross-border information verification. This report serves as an indicator-based analysis providing the best available and most in-depth cross-sectional, sectorial view of weekly major events and subject analysis available in a single comprehensive weekly intelligence summary. The analysis accumulated across the 2025 period represents a continuous intelligence gathering effort designed to provide stakeholders with timely, relevant, and actionable cybersecurity intelligence while acknowledging the inherent limitations of real-time intelligence reporting in a rapidly changing threat landscape.

[1] Cyber News Centre. “Qantas Hit by Major Cyberattack as Aviation Industry Faces Mounting Security Threats" July 2, 2025. 

[2] AOL News. "A notorious hacker group is now targeting the aviation industry, the FBI warns." July 2, 2025. https://www.aol.com/notorious-hacker-group-now-targeting-221217924.html

[3] Bernama. "Online Scams In Melaka Rack Up RM39 Mln In Losses Since January." July 2, 2025. https://www.bernama.com/en/news.php/?id=2440447

[4] Chosun Ilbo. "Korea lags behind as AI-powered cyber threats escalate." July 3, 2025. https://biz.chosun.com/en/en-it/2025/07/03/J3TNO247KFCRJHNGVNZGSBJ75E/

[5] Channel News Asia. "Only one in four Singaporeans can accurately identify deepfake videos." July 2, 2025. https://www.channelnewsasia.com/watch/st11-15-csa-1-public-awareness-survey-5216656

[6] Outlook Business. "Around 53% of Indian Firms Surveyed Paid Ransom to Recover Data from Cyber Attacks." July 2, 2025. https://www.outlookbusiness.com/technology/around-53-of-indian-firms-surveyed-paid-ransom-to-recover-data-from-cyber-attacks

[7] Complete AI Training. "Indonesia Forms National Cyber and AI Task Force to Strengthen Digital Resilience." July 2, 2025. https://completeaitraining.com/news/indonesia-forms-national-cyber-and-ai-task-force-to/

[8] Nikkei Asia. "Japan to establish guidelines for chip industry cybersecurity." June 27, 2025. https://asia.nikkei.com/Business/Tech/Semiconductors/Japan-to-establish-guidelines-for-chip-industry-cybersecurity

[9] Access Newswire. "98% of CISOs Expect AI-Driven Attacks to Surge: Inside Marvelous' AI Insiders Cybersecurity Summit." July 2, 2025. https://www.accessnewswire.com/newsroom/en/business-and-professional-services/98-of-cisos-expect-ai-driven-attacks-to-surge-inside-marvelous-a-1045470

[10] Security Brief Australia. "Most Asia Pacific firms unprepared for AI-driven cyber threats." July 2, 2025. https://securitybrief.com.au/story/most-asia-pacific-firms-unprepared-for-ai-driven-cyber-threats

[11] Security Brief Asia. "AI cloud workloads in Southeast Asia show higher security risks." July 2, 2025. https://securitybrief.asia/story/ai-cloud-workloads-in-southeast-asia-show-higher-security-risks

[12] DigiTimes. "Two AI startups join forces: CyCraft Technology and APMIC announce strategic partnership." July 2, 2025. https://www.digitimes.com/news/a20250701PD239/cycraft-apmic-strategic-partnership-ai-cybersecurity.html

[13] Cyber News Centre. "Qantas Hit by Major Cyberattack as Aviation Industry Faces Mounting Security Threats" July 2, 2025. https://www.cybernewscentre.com/qantas-hit-by-major-cyberattack-as-aviation-industry-faces-mounting-security-threats/

[14] GovInsider. "Malaysia is serious about cybersecurity, says DPM Zahid at the opening of CYDES 2025." July 1, 2025. https://govinsider.asia/indo-id/article/malaysia-is-serious-about-cybersecurity-says-dpm-zahid-at-the-opening-of-cydes-2025

[15] Japan Times. "Japan's Active Cyber Defense Law takes effect." July 1, 2025.

[16] Nikkei Asia. "Japan cyber attacks surge 340% targeting semiconductor facilities." June 28, 2025.

[17] The Business Times "Anti-scam law that lets police freeze potential victims’ bank accounts to kick in on Jul 1." June 30, 2025.

[18] Monetary Authority of Singapore. "Annual Cybercrime Report 2024." June 2025.

[19] China Daily. "Updated cross-border data transfer guidelines implemented." July 1, 2025.

[20] Cyberspace Administration of China. "AI Governance Framework 2025." July 2025.

[21] CoinTelegraph. "North Korea crypto hackers tap ChatGPT, Malaysia road money." June 27, 2025. https://cointelegraph.com/magazine/chatgpt-north-korea-hacks-malaysias-road-money-crypto-asia-express/

[22] Nature. "China demonstrates quantum computing breakthrough against RSA encryption." June 2025.

[23] Singapore Quantum-Safe Initiative. "National Implementation Timeline." July 2025.

[24] South China Morning Post. "China's quantum computing advances accelerate." July 2025.

[25] Japan Defense Ministry. "Active Cyber Defense Implementation Guidelines." July 2025.

[26] Korea Internet & Security Agency. "Cyber Threat Statistics H1 2025." July 2025.

[27] US-CERT. "North Korean AI-Enhanced Cyber Operations Assessment." June 2025.

[28] Cyber Security Agency of Singapore. "Deepfake Detection Survey Results." July 2025.

[29] Indonesian Ministry of Communication. "National Cyber and AI Task Force Establishment." July 2025.

[30] Thailand National Cyber Security Agency. "Cyber Attack Statistics 2025." June 2025.

[31] Royal Malaysia Police. "Cybercrime Statistics Report." July 2025.

[32] Qantas Cyber Incident- Australian Cyber Security Centre. "https://www.qantasnewsroom.com.au/media-releases/qantas-cyber-incident/

[33] Pacific Islands Forum. "Regional Cyber Resilience Assessment." June 2025.

[34] Security Brief Asia. "Ransomware threats surge as phishing grows, damages may hit $275 billion." July 3, 2025. https://securitybrief.asia/story/ransomware-threats-surge-as-phishing-grows-damages-may-hit-275-billion

[35] Cyber Security Asia. "Japan Seeks to Enhance Cybersecurity by Doubling Industry Professionals by 2030." July 3, 2025. https://cybersecurityasia.net/

[36] Help Net Security. "90% aren't ready for AI attacks, are you?" July 3, 2025. https://www.helpnetsecurity.com/2025/07/03/ai-cyber-defenses/

[37] Bank Info Security. "Ransomware Group Hunters International Announces Exit." July 3, 2025. https://www.bankinfosecurity.com/ransomware-group-hunters-international-announces-exit-a-28894

[38] Vietnam Plus. "Indonesia enhances capabilities in AI and cybersecurity." July 2, 2025. https://en.vietnamplus.vn/indonesia-enhances-capabilities-in-ai-and-cybersecurity-post322010.vnp