The INTERPOL Asia and South Pacific Cyber Threat Assessment 2025/2026 has just been released and it makes crucial reading for the insurance profession. It was produced by INTERPOL's dedicated cybercrime desk, based at the INTERPOL Global Complex for Innovation in Singapore. It draws on responses from 18 member countries and private sector intelligence partners. It is not a market document. It is a law enforcement intelligence product - which makes it, for insurers writing cyber risk across the region, one of the more useful things published this year.
The numbers it produces are not new to anyone working in cyber incident response in the region. But seeing them assembled by INTERPOL, from a source with no financial stake in how the market responds, gives them a different character. More than 135,000 ransomware attacks in 2024. Deepfake-related discussions on criminal forums surging 600% in five months. Scam centre operations generating close to $40 billion annually, frequently using trafficked labour. DDoS attacks up 92%. Over 6.5 billion cyber threats detected and mitigated in the region between January and December 2024. More than half of surveyed member countries reporting cybercrime accounting for over 30% of all nationally recorded crime.
That is the environment in which the region's cyber insurance market is growing. Asia-Pacific is expected to record the fastest growth rate of any region in the global cyber insurance market, according to Gallagher's 2026 Cyber Insurance Market Outlook, driven by increasing digitalisation. The region currently accounts for a fraction of global cyber premiums - North America holds 60 to 70% - but the expansion trajectory is clear. The question is whether the premiums being written reflect the threat environment INTERPOL has documented, or the threat environment that existed when most of the pricing frameworks were built.
Data analysis
Each bubble is one of the top five cybercrime types ranked by INTERPOL across 18 member countries. Horizontal: case volume. Vertical: insurance claims severity. Bubble size: pace of escalation. Hover for detail.
Ransomware avg claim
$508,000
+16% YoY · At-Bay 2025
Scam centre losses
~$40bn/yr
UNODC est · INTERPOL
Deepfake forum activity
+600%
Feb–Jun 2024 · INTERPOL
Sources: INTERPOL Asia and South Pacific Cyber Threat Assessment 2025/2026; Willis Cyber Claims in Focus 2026; DUAL Global Cyber Outlook April 2026; At-Bay 2025 Cyber Claims Report; Aon APAC Cyber Risk Report 2025; UNODC TOC Convergence Report 2024. Axis positions are indicative indices.
INTERPOL's report highlights a structural vulnerability that complicates the entire regional insurance picture. Jurisdictions with less robust legislation, fragmented enforcement and limited technical capacity are precisely those most attractive to threat actors who operate with a low likelihood of being identified or prosecuted. The Pacific island states and less developed Southeast Asian economies function, in the report's framing, as gateways for malicious activity into broader regional and global networks.
For insurers underwriting multinationals with regional operations, this is an aggregation problem. An attack that enters via a low-maturity jurisdiction and propagates through a regional network does not stay local. Conor Keating, head of cyber in Asia at Willis, noted in a report published yesterday that the risk environment across Asia is growing more layered as businesses automate and expand their reliance on third-party technology systems. The infostealer families INTERPOL documents - LummaC2, RedLine, Loki, operating across Indonesia, the Philippines, Vietnam, Thailand, Malaysia, Singapore and Australia - are precisely the tools feeding that third-party dependency risk.
In February 2024, a Hong Kong employee transferred $25 million after deepfakes impersonated company executives on a video call. In March 2025, a Singapore finance director nearly lost over $499,000 in a near-identical Zoom-based attack. INTERPOL's report frames these as representative of an accelerating regional pattern. Both incidents occurred within the region. Both involved the kind of AI-generated real-time video impersonation that most social engineering sublimits and BEC policy language were not written to contemplate.
"While AI has not yet emerged as a stand-alone driver of cyber insurance claims, it is already amplifying existing threats - from social engineering and deepfake phishing."- Conor Keating, head of cyber in Asia, Willis, June 2026
The INTERPOL report arrives at a moment when the Asia-Pacific cyber insurance market is genuinely at an inflection point. Premium volumes are growing. Regulatory frameworks are emerging across Singapore, Japan, South Korea and Southeast Asia that are driving demand. ASEAN's total insurance penetration was 3.2% of GDP in 2023 against a global average of 7% - the protection gap is large and closing slowly.
Cyber ranks first among risk concerns in every major Asia-Pacific market, according to Allianz's global survey, with businesses pointing to growing digital platform dependence, regulatory change, and a threat environment that continues to evolve faster than defences. INTERPOL's report is the most authoritative single document yet produced on what that threat environment actually looks like. The pricing, wording and aggregation decisions being made across the region's growing cyber market should be made in the light of it.
