INTERPOL ASIA AND SOUTH PACIFIC 2025/26 REPORT

AI AND THE INDUSTRIALISATION OF CYBERCRIME

Background

On 17 June 2026, INTERPOL released its 2025/2026 Asia and South Pacific Cyber Threat Assessment Report, exposing a dramatic escalation in transnational digital crime. The landmark report highlights a critical shift in the regional threat matrix: cybercriminal networks are transitioning from localized, isolated fraud setups into industrial-scale syndicates, fueled by rapid regional internet penetration, uneven cybersecurity maturity, and the rising use of AI tools. Crucially, the report reveals that cyber-enabled operations have expanded so rapidly that digital offenses now account for over 30% of all nationally recorded crimes in more than half of the surveyed member states.

Key Observations

  1. Industrialization of AI and Scams: Fraud networks have heavily weaponized generative AI and automated systems to orchestrate highly targeted deepfakes and spear-phishing campaigns. Between February and June 2024, deepfake execution among Southeast Asian threat groups surged by 600% using dark web-based applications and the Telegram messaging platform.

  2. Outdated Security Maturity: The rapid adoption of cloud computing and digital finance across the region has far outpaced defensive capabilities. Disparities in institutional infrastructure have left lesser-developed economies vulnerable, providing entry points for threat actors to bridge into broader global financial networks.

  3. Proliferation of Ransomware and Infostealers: The region faced a relentless barrage of over 135,000 ransomware incidents and billions of mitigated malware attacks in 2024. These campaigns are heavily targeted at high-value sectors, including financial services, manufacturing, and real estate.

  4. Severe Forensic Capacity Deficiencies: Law enforcement and corporate security teams across several jurisdictions continue to operate with inadequate technical capacities, a critical shortage of specialized forensic tools, and fragmented cross-border data pipelines.

Regulatory & Institutional Expectations to Address Gaps

  1. Mandatory Cloud & Infrastructure Strengthening: Financial institutions and enterprises are expected to immediately upgrade their cloud security configurations and identity access frameworks to curb the rise of automated credential harvesting.

  2. Transition to Predictive Security Tools: Regulators and global policing bodies expect organizations to deploy advanced AI-driven defenses, including real-time behavioral analytics and predictive threat intelligence, to match the speed of incoming attacks.

  3. Supply Chain Vetting: Firms must enforce stricter due diligence on third-party technology partners, validating software integrity to mitigate systemic exposure to infostealer malware and ransomware-as-a-service (RaaS) models.

  4. Aggressive Cross-Border Information Sharing: Public law enforcement, private-sector security teams, and regional compliance desks are expected to accelerate intelligence sharing so that borderless criminal infrastructures can be identified rapidly.

What’s Next?

Management must prepare for incoming regulatory tightening as regional authorities scramble to implement INTERPOL’s cybersecurity recommendations. Financial institutions (FIs) will face elevated supervisory pressure to demonstrate robust, cross-border fraud detection systems and highly resilient incident response protocols. Failing to systematically eliminate technological vulnerabilities, particularly in regard to unmonitored digital banking links and public cloud exposures, could trigger heightened regulatory oversight.

How Can We Help?

Capital Governance can assist financial institutions in:

  1. Refreshing Technology Risk Management, AI Governance and Cybersecurity P&Ps: Proposing tailored structural improvements and policy enhancements to integrate AI governance protocols, such as advanced anti-fraud controls, deepfake detection parameters, and incident handling guidelines, directly into your technology risk management manuals.

  2. Reviewing Governance Framework: Conducting a comprehensive gap analysis and designing standard operating procedures to optimize the tracking, recording, and rapid cross-border escalation of material cyber threats.

  3. Outsourcing Metrics & Vendor Due Diligence: Reviewing current or potential third-party technology providers and cloud hosts to ensure compliant collaboration, verifying their operational resilience, and establishing strict security metrics that align with evolving international standards.


    And much more …