ASEAN Five Dominant Threat Picture in 2025

---

Kuala Lumpur — The first ASEAN–Japan Cybersecurity Working Group Meeting of 2026 was convened at Impiana Hotel Kuala Lumpur today at 10 February 2026, marking an important milestone in strengthening regional cybersecurity cooperation. One of the key highlight of the meeting was the presentation of the AJCCA Annual Threat Intelligence Report 2025 by Rudi Lumanto, Chairman of the ASEAN Japan Cybersecurity Community Alliance (AJCCA).

During his presentation, AJCCA outlined the evolving cyber threat landscape in ASEAN based on a full year of continuous intelligence collection and analysis. Throughout 2025, AJCCA consistently published monthly threat intelligence reports, which were distributed to all community members and relevant ASEAN official stakeholders. This sustained and structured reporting effort enabled AJCCA to consolidate a comprehensive, evidence-based view of cybersecurity developments across the region.

Based on the aggregation of a year of monthly reports, the annual assessment paints a clear and consistent threat picture for ASEAN in 2025. From this analysis, AJCCA identified five dominant threat pictures that define the region’s cybersecurity environment:

1. Pressure on national infrastructure
2. Exploitation of citizen trust
3. Normalization of zero-day exploitation
4. AI as both weapon and weakness
5. Convergence of state-backed and criminal actors

These threat pictures reflect persistent, region-wide patterns rather than isolated incidents. They demonstrate how cyber threats in ASEAN increasingly target critical national systems, leverage social and digital trust, exploit unknown vulnerabilities at scale, and blur the lines between state-sponsored operations and organized cybercrime—while artificial intelligence simultaneously accelerates both offensive and defensive capabilities.

AJCCA emphasized that the findings carry a clear strategic message for the region: cyber resilience will not be built by technology alone—but by coordination and intelligence maturity. Effective defense requires not only advanced tools, but also trusted information sharing, collective situational awareness, and strong collaboration among governments, industry, and cybersecurity communities.

The ASEAN–Japan Cybersecurity Working Group Meeting reaffirmed the importance of sustained regional cooperation in addressing shared cyber risks. The AJCCA Annual Threat Intelligence Report 2025 is expected to serve as a critical reference for policymakers, security leaders, and practitioners in strengthening ASEAN’s collective cyber resilience moving forward.