AI-Driven Cyber Attacks Surge in APAC as Risk Leaders Struggle to Keep Up
AI-driven cyber attacks in APAC surged 29% last year, with risk leaders feeling unprepared. Rising AI threats and fraud claims highlight urgent security gaps.
AI-Driven Cyber Attacks Surge as APAC Risk Leaders Feel Unprepared
A recent study reveals a sharp rise in AI-driven cyber attacks across the Asia-Pacific (APAC) region, with many risk leaders feeling they lack the readiness to tackle these threats effectively. The 2025 Cyber Risk Report by Aon points to a 29% increase in cyber incidents in APAC over the past year and a staggering 134% rise over the last four years.
Threats are becoming more sophisticated, involving AI-powered deception, social engineering, and deepfake attacks. Fraud-related cyber insurance claims have surged by 233% year-on-year, highlighting the growing risk landscape. Even New Zealandβs geographical isolation no longer offers protection, as cyber threats increasingly come from global sources. Local organisations have faced disruptions tied to overseas technology failures, causing business interruptions and data loss. The growing reliance on interconnected digital systems amplifies this exposure.
Systemic Disruption
The report describes the link between technological progress and risk as a "Faustian pact": greater efficiency comes with greater vulnerability. Notably, 63% of suspected nation-state cyber operations worldwide in the past year originated in APAC, often targeting critical infrastructure and vital industries.
From 1,414 global cyber events analysed, 56 major incidents gained significant media attention, with affected companies seeing an average shareholder value loss of 27%. This underlines the real financial impact cyber attacks can have on organisations.
Preparedness and Risk Management
There is a widening gap between the adoption of AI tools and preparedness to manage the risks they bring. While 79% of organisations use or plan to use AI, only 32% maintain a formal inventory of these tools. This gap expands the digital attack surface faster than risk management strategies can respond.
On a positive note, organisations are getting better at responding to cyber incidents. The percentage of entities paying ransoms has dropped to 25% in 2024, with the median ransom payment at USD $110,890 in the fourth quarter. This trend suggests improvements in disaster recovery and incident response planning.
Implications for New Zealand
Cyber insurance rates for New Zealand businesses dropped about 7% in the first quarter of 2025 after a long period of increases. More organisations are evaluating whether to take out or expand cyber insurance to address emerging risks.
Duncan Morrison, Cyber Practice Leader in New Zealand for Aon, highlights that the old belief in safety due to isolation no longer applies. Disruptions to global software vendors and technology supply chains have already impacted local businesses. As companies adopt advanced tools like AI and real-time data systems, their interconnectedness increases exposure.
Morrison stresses that competitive pricing isn't the only factor driving cyber insurance reviews. He points out, "The rise in AI-driven attacks, the growth in fraud claims, and the sharp drop in ransom payments all indicate two things: the threat is real, and smart preparation works."
Geostrategic Drivers
Regional tensions are a key factor in the growing cyber risk landscape. Adam Peckman, Head of Risk Consulting and Cyber Solutions for APAC at Aon, explains that nation-state-backed threat actors increasingly use cyber campaigns for asymmetrical conflict, economic coercion, and corporate espionage.
Peckman urges businesses to adopt better data-driven approaches to cyber risk decisions. Meanwhile, Morrison advises proactive steps such as exploring cyber insurance options, improving data analytics for risk assessment, and securing AI investments.
The message is clear: businesses must act now to protect themselves from evolving AI-driven cyber threats.
For organisations looking to strengthen their understanding and management of AI risks, exploring practical AI training and certifications can be a valuable step. Resources such as Complete AI Training offer courses tailored to skill-building and risk management in AI applications.
