Thailand’s cybersecurity systems remain vulnerable to a high number of attacks, according to cybersecurity firms.
Kaspersky said Thailand logged the most incidents in Southeast Asia with 2.52 million web threats in the first half of 2025, followed by Malaysia and Indonesia with 1.70 million and 1.63 million, respectively.
Web threats are crucial threats against businesses and enterprises, such as malware programs that can target internet users, according to Kaspersky. Web threats are not limited to online activity, but ultimately involve the internet at some stage for inflicted harm.
In the first half of 2025, Kaspersky Enterprise Solutions detected and blocked 7.83 million web threats in the region, averaging 43,049 a day.
The company said recent data revealed existing vulnerabilities in business networks, leaving Thai enterprises exposed to possible cyber-attacks.
In the first half of 2025, 1.2 million exploits targeting organisations in Southeast Asia were blocked by Kaspersky, averaging 6,750 a day.
For the period, Indonesia had the highest number of exploits at 524,657, followed by Vietnam (301,880) and Malaysia (190,556). Thailand ranked fourth with 88,966 exploits targeting businesses and enterprises.
Exploits are a type of malicious program designed to take advantage of bugs or vulnerabilities in software or operating systems to gain unauthorised access.
In the second quarter of 2025, the most common exploits globally targeted vulnerable Microsoft Office products that contained unpatched security flaws, according to another Kaspersky report.
The report revealed the top 10 most exploited vulnerabilities included both new zero-day flaws and older, unpatched issues that organisations continue to overlook.
A zero-day vulnerability is a software vulnerability discovered by attackers before the vendor has become aware of it.
“Our latest data highlights a persistent and critical challenge for enterprises in Thailand and across Southeast Asia,” says Adrian Hia, managing director for Asia-Pacific at Kaspersky.
Mr Hia said the attackers are not only leveraging new, sophisticated zero-day flaws, but also successfully exploiting older, unpatched vulnerabilities that have been a known risk for years.
He said businesses must prioritise proactive vulnerability management to shut the door on cybercriminals and protect corporate networks from long-term compromise.
ELEVATED RISK
According to Check Point Threat Intelligence, Thai organisations suffered an average of 3,201 weekly cyber-attacks in the first half of 2025, exceeding the global average of 1,946.
Chanvith Iddhivadhana, country manager for Thailand at Check Point Software Technologies, said there is a sharp rise in sophisticated nation-state campaigns, phishing scams and distributed denial-of-service attacks, driven by regional tensions and an escalation in cyber crime.
He said Thai organisations need to rethink how they manage cyber-risk.
Mr Chanvith said investing in a unified platform that blends extended detection and response solutions and an external risk management approach, as well as an open and collaborative approach to third-party integration, will deliver far more value than piecemeal tools.
Phishing remains the top attack vector in Thailand, according to Check Point Threat Intelligence, which also identified FakeUpdates as the most prevalent malware in Thailand, affecting 13.9% of Thai organisations, well above the global average of 5.4%.
FakeUpdates is a downloader malware that spreads through drive-by downloads on compromised or malicious websites.
Threat actors have aggressively targeted government entities and critical infrastructure sectors, noted Check Point.
The utilities sector, with an average of 3,567 weekly attacks, has emerged as the most targeted vertical, while the government/military sector, averaging 2,662 weekly attacks, ranks among the top three sectors for attacks this year.