The Philippines continues to rank among Southeast Asia’s most targeted countries for industrial malware, according to cybersecurity firm Kaspersky, which warned of persistent threats to the nation’s operational technology (OT) systems.
During the Asia-Pacific Kaspersky Industrial Cybersecurity Conference (KICS), the company revealed that the country remains highly vulnerable to industrial cyberattacks despite a modest decline in certain infection rates.
Based on the latest findings of the Kaspersky Industrial Control Systems Cyber Emergency Response Team (ICS CERT), Southeast Asia posted the highest global rates of viruses and AutoCAD malware detected on industrial control system (ICS) computers in the second quarter of 2025.
In the Philippines, 19.09 percent of ICS computers registered blocked malicious objects in Q2 2025, down slightly from 22.27 percent in the first quarter.
Meanwhile, Internet-borne threats were blocked on 10.33 percent of ICS computers, also lower than 13.20 percent in the previous quarter — indicating an improvement, but still a high level of exposure compared to other regions.
“While some attack vectors have seen a slight decline, the overall trend highlights the importance of maintaining strong defenses,” said Sam Yan, head of sales for Asia Emerging Countries at Kaspersky.
“Organizations need to continuously strengthen their cybersecurity posture through regular assessments, timely updates, and capacity-building for both IT and OT teams to stay resilient against evolving threats.”
The report also noted that email-based attacks are on the rise, marking two consecutive quarters of increase. The Philippines recorded 1.91 percent of threats originating from email clients in Q2 2025, up from 1.36 percent in the previous quarter.
Removable media such as USB drives remained a notable attack vector, though the infection rate dropped from 0.66 percent in Q1 to 0.42 percent in Q2.
Spyware — including spy Trojans, backdoors, and keyloggers — also persisted, with Kaspersky blocking such threats on 3.41 percent of ICS computers in the Philippines in Q2 2025, marginally up from 3.38 percent in the first quarter.
Kaspersky emphasized that industrial organizations in the Philippines and across Southeast Asia must continue to invest in cybersecurity solutions, staff training, and OT-IT integration safeguards to defend against increasingly sophisticated cyberattacks targeting critical infrastructure.
