In 2025, cyber threats in the Philippines stuck to traditional methods like phishing and ransomware, without new forms emerging. However, artificial intelligence amplified the volume and scale of these attacks, leading to an 'industrialization of cybercrime'. Reports from various cybersecurity firms highlight increases in speed, scale, and frequency of incidents.
In 2025, cyber attackers in the Philippines did not devise new forms of intrusion; instead, they relied on familiar tactics such as phishing, ransomware, credential theft, and social engineering. The shift came in the heightened volume and scale, driven by AI, creating an 'industrialization of cybercrime' according to reports from Viettel, Kaspersky, Cloudflare, Trend Micro, Palo Alto, and Fortinet.
Jonas Walker, head of threat intelligence at Fortinet, told Rappler: “It sounds boring, but what works today will also continue to work next year… but attackers will be able to do it faster.” Viettel Cybersecurity reported a 49% surge in data breaches in Q3 2025 compared to Q2, exposing over 52 million credentials from Filipino users and organizations in just three months. The country's rapid digital transformation is outpacing its defenses, making sectors like healthcare prime targets for ransomware that disrupts operations and compromises patient information.
Kaspersky detected an average of 500,000 malicious files daily, with a 59% increase in password stealer detections, 51% in spyware, and 6% in backdoors compared to 2024. Between October 2024 and September 2025, it identified over 15 million attempted attacks masquerading as VPN apps, which delivered malware. Cloudflare mitigated 8.3 million DDoS attacks in Q3 2025, a 15% quarter-over-quarter and 40% year-over-year rise, placing the Philippines in the top 10 most DDoS-attacked countries, up 20 spots.
AI is not inventing new attacks but automating and scaling existing ones, such as crafting phishing messages or malware variants. Walker noted: “Legitimate AI tools make our life easier and more efficient. And attackers are using similar tools to make their attacks easier and more efficient.” Tools like FraudGPT and Worm GPT lack safeguards for malicious use. AI also accelerates the monetization of stolen data, turning it into currency faster.
Trend Micro stated that AI has industrialized threats, making attacks fully autonomous and adaptive. 'Vibe-coding' risks introducing insecure code 45% of the time. Walker warned that technical skills for cybercrime are lower now, with AI able to predict password variations. By 2027, Fortinet predicts cybercrime will operate at a scale comparable to legitimate global industries.
In the Philippines, rapid digitization via the eGov app and e-wallets heightens risks, making it the top ASEAN country for scams per GSMA. A emerging trend is deepfakes: AI-generated videos and cloned voices for deception. Walker said: “What if you call your boss and there’s a deepfake of him talking? If you see his face, you immediately trust it.” The government's National Cybersecurity Plan faces testing as threats escalate.
