In the first half of 2025, the Philippines ranked 20th globally among countries where customers were most frequently impacted by cyber activity, according to the newly released Microsoft Digital Defense Report 2025. The report highlights a surge in financially motivated cyberattacks, with extortion and ransomware driving over half of incidents worldwide.
The sixth annual edition of the report, which analyzes trends from July 2024 to June 2025, underscores the growing sophistication of cybercriminals and nation-state actors, and the urgent need for modern, AI-powered defenses. Microsoft’s global threat intelligence team processed over 100 trillion signals daily, blocked 4.5 million new malware attempts, and screened 5 billion emails for phishing and malware—demonstrating not only the scale of today’s cyber threat landscape, but also Microsoft’s unparalleled perspective and visibility into the global cybersecurity ecosystem.
“The Philippines’ inclusion in the top 20 most impacted countries is a wake-up call for organizations across sectors,” said Peter Maquera, CEO, Microsoft Philippines. “Cybersecurity must be treated as a national priority. As digital transformation accelerates, we must ensure that every Filipino—whether in government, healthcare, education, or business—is protected by resilient, modern security solutions.”
Key Findings Relevant to the Philippines and Southeast Asia:
- Rise in Identity-Based Attacks: Identity attacks surged by 32% globally, with infostealer malware increasingly used to harvest credentials. The Philippines ranked among the top 20 countries affected by Lumma Stealer, a malware-as-a-service platform disrupted by Microsoft and global law enforcement in May 2025.
- Critical Services Under Threat: Hospitals, local governments, and education institutions remain prime targets due to outdated systems and limited cybersecurity budgets.
- AI as a Double-Edged Sword: Threat actors are using generative AI to scale phishing and social engineering attacks, while defenders are leveraging AI to detect anomalies and automate response.
- Nation-State Activity: Chinese threat actors targeted the Philippines as part of broader espionage campaigns in Southeast Asia, focusing on IT, government, and academic sectors.
Microsoft’s Call to Action
Cybersecurity is a shared responsibility. Microsoft urges organizations in the Philippines to adopt phishing-resistant multifactor authentication (MFA), which can block over 99% of identity-based attacks—even when attackers have valid credentials.
Beyond technical measures, cybersecurity must be embedded into business strategy and governance. Microsoft continues to collaborate with government and industry partners to strengthen defenses, share threat intelligence, and support the protection of critical infrastructure. Through initiatives like the Secure Future Initiative, Microsoft is committed to helping Filipino organizations build resilience and stay ahead of increasingly sophisticated adversaries.To read the full report, visit: https://www.microsoft.com/en-us/corporate-responsibility/cybersecurity/microsoft-digital-defense-report-2025/
