The Philippines has emerged as one of the world’s most cyber-threatened nations, ranking 20th globally among countries most frequently impacted by cyber activity in the first half of 2025, according to the newly released Microsoft Digital Defense Report 2025.
The sixth annual edition of the report—covering the period from July 2024 to June 2025—reveals a sharp increase in financially motivated cyberattacks, with extortion and ransomware responsible for more than half of all global incidents. The findings highlight the growing sophistication of cybercriminals and nation-state actors, underscoring the urgent need for AI-driven, modern cybersecurity defenses.
Microsoft’s global threat intelligence team processed an astonishing 100 trillion signals daily, blocked 4.5 million new malware attempts, and screened 5 billion emails for phishing and malware. These figures demonstrate not only the scale of today’s cyber threat landscape but also Microsoft’s unparalleled visibility into the global cybersecurity ecosystem.
“The Philippines’ inclusion in the top 20 most impacted countries is a wake-up call for organizations across sectors,” said Peter Maquera, CEO of Microsoft Philippines. “Cybersecurity must be treated as a national priority. As digital transformation accelerates, we must ensure that every Filipino—whether in government, healthcare, education, or business—is protected by resilient, modern security solutions.”
Key Insights for the Philippines and Southeast Asia
- Rise in Identity-Based Attacks:
Identity-related attacks surged by 32% globally, with infostealer malware increasingly used to harvest user credentials. The Philippines ranked among the top 20 countries affected by Lumma Stealer, a malware-as-a-service platform that Microsoft and global law enforcement successfully disrupted in May 2025. - Critical Services Under Threat:
Hospitals, local governments, and educational institutions remain prime targets due to legacy systems and limited cybersecurity budgets. - AI as a Double-Edged Sword:
Threat actors are now using generative AI to scale phishing and social engineering attacks, while defenders leverage AI to detect anomalies and automate response at unprecedented speed. - Nation-State Activity:
Microsoft detected Chinese threat actors targeting the Philippines as part of broader espionage campaigns in Southeast Asia, focusing on the IT, government, and academic sectors.
Microsoft’s Call to Action
Microsoft emphasizes that cybersecurity is a shared responsibility. The company urges organizations across the Philippines to adopt phishing-resistant multifactor authentication (MFA)—a simple yet powerful defense that can block over 99% of identity-based attacks, even when attackers have valid credentials.
Beyond technology, Microsoft calls for a holistic approach where cybersecurity is integrated into business strategy and governance. The company continues to collaborate with government and industry partners to share threat intelligence, fortify critical infrastructure, and build nationwide resilience through initiatives like the Secure Future Initiative.
“Cyberattacks are becoming faster, smarter, and more targeted,” Maquera added. “Through collaboration and AI-driven security innovation, we can help Filipino organizations stay one step ahead of adversaries.”
To read the full report, visit: Microsoft Digital Defense Report 2025
