The INTERPOL Asia and South Pacific Cyber Threat Assessment 2025/2026 was produced by INTERPOL's cybercrime desk in Singapore, drawing on survey responses from 18 member countries and intelligence from private sector partners. New Zealand is among those countries. The assessment covers January 2024 to March 2025 and documents a regional cybercrime ecosystem that is, in INTERPOL's own framing, industrialised - operating at the scale, structure and sophistication of a commercial enterprise rather than a collection of opportunistic actors.
The headline data: more than 135,000 ransomware attacks in 2024; deepfake discussions on criminal forums surging 600% in five months; scam centre operations generating close to $40 billion annually. Over 6.5 billion cyber threats were detected and mitigated across the region between January and December 2024. These figures describe the environment in which New Zealand organisations are operating.
The domestic picture reinforces the connection. 55% of New Zealand organisations reported at least one identity fraud incident in the preceding 12 months, with nine in 10 respondents considering their document signing and verification processes vulnerable to AI-driven fraud. Gross reported fraud losses to New Zealand banks reached $265 million in the 12 months to October 2025, of which approximately $126 million involved authorised payment scams - precisely the category of loss that deepfake-assisted BEC and social engineering attacks produce.
Data analysis
Each bubble is one of the top five cybercrime types ranked by INTERPOL across 18 member countries. Horizontal: case volume. Vertical: insurance claims severity. Bubble size: pace of escalation. Hover for detail.
Ransomware avg claim
$508,000
+16% YoY · At-Bay 2025
Scam centre losses
~$40bn/yr
UNODC est · INTERPOL
Deepfake forum activity
+600%
Feb–Jun 2024 · INTERPOL
Sources: INTERPOL Asia and South Pacific Cyber Threat Assessment 2025/2026; Willis Cyber Claims in Focus 2026; DUAL Global Cyber Outlook April 2026; At-Bay 2025 Cyber Claims Report; Aon APAC Cyber Risk Report 2025; UNODC TOC Convergence Report 2024. Axis positions are indicative indices.
In February 2024, a Hong Kong employee transferred $25 million after deepfakes impersonated executives on a video call. In March 2025, a Singapore finance director nearly lost over $499,000 in a near-identical attack. INTERPOL frames these as representative of a pattern, not anomalies. Nearly 29% of New Zealanders have been targeted by deepfake scams in the past year, according to Mastercard-commissioned research. The events INTERPOL documents in Hong Kong and Singapore are the corporate-scale version of an attack pattern that is already well-established in the New Zealand consumer market.
Duncan Morrison, cyber practice leader at Aon New Zealand, has noted that most New Zealand organisations have no idea the specialist ransomware negotiation world exists - and that the risk management gap this represents could matter more than ever as the threat environment shifts. INTERPOL's report adds a further dimension: the regulatory compliance weaponisation tactic, in which threat actors threaten to report alleged compliance violations to regulators unless ransoms are paid, is specifically designed to exploit the kind of regulatory frameworks that New Zealand is actively building. The February 2026 government discussion document on critical infrastructure cyber security - which found that 80% of private sector experts said their organisations lacked basic cyber hygiene for operational technology - describes a target environment the INTERPOL report's threat actors are already equipped to exploit.
The industrialisation of ransomware means the barrier to entry has collapsed, and attackers can scale faster and adapt more quickly than at any previous point. New Zealand's position within the Asia-Pacific region means the threat infrastructure INTERPOL has documented is not a distant concern. It is the operating environment for New Zealand's cyber risk portfolio, and it deserves to be priced accordingly.
