The rapid convergence of IT and OT systems in Asia Pacific is driving digital efficiency—but also expanding the region’s vulnerability to cyber threats. New data from Kaspersky reveals a spike in malware and phishing attacks targeting critical infrastructure in Q2 2025, with APAC outpacing global averages.
MALAYSIA, 7 AUGUST 2025 – As digital transformation accelerates across Asia Pacific (APAC), the integration of Information Technology (IT) and Operational Technology (OT) is no longer optional for industrial sectors. This convergence is fuelling innovation and efficiency but also expanding the region’s cybersecurity threat surface at a worrying pace.
The IT/OT convergence market in APAC is currently worth USD 13.41 billion and is projected to reach USD 62.17 billion by 2030, growing at a compound annual growth rate (CAGR) of 24.5%. Industries including manufacturing, energy, oil and gas, and infrastructure are adopting connected systems and real-time data, making IT-OT integration essential for productivity and competitiveness.
However, as IT and OT systems become more intertwined, cyber threats are escalating. In Q2 2025, 23% of industrial control system (ICS) computers in APAC had malicious objects blocked—nearly 3% higher than the global average of 20.54%. Southeast Asia ranked second globally for ICS-targeted attacks in Q1 2025, with Central Asia in third place and South Asia in sixth.
A significant spike in phishing campaigns was observed in Q2 2025, particularly targeting the oil and gas sector. These attacks often included spyware families such as FormBook, AgentTesla, and Noon, delivered through email attachments. All were intercepted by cybersecurity solutions before causing further damage.
Virus infections, often considered outdated threats, continue to plague APAC’s industrial networks at rates two to three times higher than the global average. These legacy threats, although less sophisticated, can still severely disrupt operations and increase maintenance costs.
The most affected industries in Q2 2025 were power and energy, building automation, oil and gas, manufacturing, and ICS engineering and integration. Geographically, the top ten countries hit hardest by virus attacks on ICS computers were Vietnam, Afghanistan, China, Bangladesh, Pakistan, Myanmar, Laos, Cambodia, Indonesia, and Nepal.
To defend against this expanding threat landscape, cybersecurity experts are urging a layered, intelligence-driven approach built around smarter Security Operations Centres (SOCs). Prevention begins with tools such as threat intelligence, brand protection, attribution engines, and indicators of compromise. These enable organisations to identify and stop threats before they escalate.
Protection requires deploying advanced detection and response technologies like Endpoint Detection and Response (EDR), Managed Detection and Response (MDR), and Extended Detection and Response (XDR). These platforms are increasingly capable of covering both IT and OT environments, allowing organisations to detect, contain, and respond to threats across hybrid infrastructures.
Timely incident response is crucial, as every minute of downtime can translate into significant financial loss. Businesses in APAC are turning to services such as vulnerability assessments, penetration testing, incident response teams, and cyber drills to minimise damage and speed up recovery.
An effective strategy also includes building a unified SOC integrated with Security Information and Event Management (SIEM) systems and real-time threat intelligence. This enables complete visibility across IT and OT environments and improves coordination for handling complex cyber incidents.
Additional measures recommended for industrial companies include conducting regular OT security assessments, applying critical patches promptly, training both IT and OT teams on cybersecurity practices, and implementing dedicated solutions such as Kaspersky Industrial CyberSecurity (KICS). For hybrid environments where IT and OT intersect, comprehensive platforms like Kaspersky Next XDR Expert enhance investigative capabilities and integrate seamlessly with third-party tools.
As APAC continues to lead in digital adoption, securing the IT-OT convergence becomes critical for ensuring operational continuity and resilience. Cybersecurity frameworks must evolve in tandem with infrastructure to defend against increasingly complex and persistent threats.





