Cybersecurity company Kaspersky said the Philippines remains one of the Southeast Asian countries most affected by industrial malware, despite a slight decline in detected threats in the second quarter of 2025.
Findings from the Kaspersky Industrial Control Systems Cyber Emergency Response Team (ICS CERT) showed that 19.09% of industrial control system (ICS) computers in the country were targeted by malicious software between April and June. The figure was slightly lower than the 22.27% recorded in the first quarter.
The Philippines also saw a decrease in threats coming from the internet, from 13.20% in the first quarter to 10.33% in the second. Kaspersky said the drop indicates some improvement, but local systems remain vulnerable to online attacks.
“While some attack vectors have seen a slight decline, the overall trend highlights the importance of maintaining strong defenses,” said Sam Yan, head of sales for Asia emerging countries at Kaspersky.
The report also found that email-based threats have been increasing in Southeast Asia for two straight quarters. In the Philippines, the number grew from 1.36 % in the first quarter to 1.91 % in the second.
Threats from removable media such as USB drives declined slightly, from 0.66 % in the first quarter to 0.42 % in the second.
Spyware activity also remained steady. The share of ICS computers where spyware was blocked rose slightly from 3.38% to 3.41%, indicating that tools like spy Trojans, backdoors, and keyloggers continue to target industrial systems.
Kaspersky presented the findings at the Asia-Pacific Kaspersky Industrial Cybersecurity Conference (KICS), which gathered cybersecurity experts, researchers, automation suppliers, and system integrators to discuss the region’s industrial threat landscape.
“Organizations need to continuously strengthen their cybersecurity posture through regular assessments, timely updates, and capacity-building for both IT and OT teams to stay resilient against evolving threats,” Yan said.