The cybersecurity landscape in the Philippines presented a challenging picture in 2024, marked by a significant number of breaches and a substantial volume of compromised data. A striking statistic reveals that over 80% of organizations in the Philippines experienced an average of three cybersecurity breaches throughout the year . This finding, stemming from a survey conducted by cyber defense company BlueVoyant, underscores the pervasive nature of cyber threats targeting the nation’s businesses. The fact that such a high percentage of organizations encountered multiple security incidents indicates that these are not isolated occurrences but rather a systemic challenge demanding immediate attention. This high prevalence immediately signals to any business operating in or interacting with entities in the Philippines that cybersecurity is not a peripheral concern but a central risk that could impact their operations, partnerships, and overall stability.
Adding to this concerning picture is the revelation that in just the first six months of 2024, over 315,000 credentials were compromised in the Philippines . This alarming figure, reported by Viettel Threat Intelligence, highlights the extensive exposure of sensitive user information. When credentials fall into the wrong hands, the potential for malicious activities such as unauthorized access to critical systems, theft of valuable data, and further sophisticated cyberattacks increases dramatically. The sheer volume of compromised credentials underscores the vulnerability of digital accounts and the significant risk posed to both individuals and organizations in terms of data privacy and security. The convergence of these two key statistics – the widespread experience of breaches across organizations and the massive scale of credential compromise – paints a clear picture of a cyber environment under intense and sustained attack. This suggests that the current security measures implemented by many entities in the Philippines may not be adequately robust to effectively deter or prevent the increasingly sophisticated tactics employed by cyber threat actors.
The types of cyberattacks observed in the Philippines throughout 2024 were varied and demonstrated the adaptability of malicious actors. Phishing attacks remained a significant threat vector, with Viettel Threat Intelligence reporting over 17,456 incidents in the first half of the year alone, marking a concerning 23% increase . This upward trend signifies the continued effectiveness of social engineering tactics in deceiving individuals into divulging sensitive information or granting unauthorized access. The prevalence of phishing highlights the need for ongoing vigilance and robust security awareness training for employees across all sectors. Furthermore, malware infections, particularly InfoStealers designed to extract sensitive data, showed a rise in 2024, as noted by Cyberint . These types of malware can surreptitiously collect credentials, financial details, and other confidential information from infected devices, leading to significant data breaches and potential financial losses. Cyberint also highlighted the effectiveness of social engineering as a broader attack method and the increasing prominence of Smishing, or phishing via SMS, particularly in the early months of 2024 . This shift indicates that threat actors are diversifying their approaches and leveraging multiple communication channels to target potential victims.
A more detailed breakdown of attack types in early 2024, provided by Nucamp, reveals that hack-and-leak operations constituted the majority at 55%, followed by misinformation campaigns at 35%, and Distributed Denial-of-Service (DDoS) attacks at 10% . The dominance of hack-and-leak operations suggests a primary focus on exfiltrating sensitive information for various purposes, potentially including financial gain through selling the data or causing reputational damage by publicly releasing it. The substantial proportion of misinformation campaigns underscores a concerning trend where cyberattacks are being used not only for data theft or disruption but also to manipulate public opinion and potentially destabilize institutions. DDoS attacks, while representing a smaller percentage, can still cause significant disruption by overwhelming targeted systems with traffic, rendering them unavailable to legitimate users. The variety and sophistication of these attack methods indicate a mature and evolving cybercriminal landscape targeting the Philippines, necessitating a comprehensive and adaptive security posture for effective defense.
| Metric | Statistic | Source | Timeframe |
|---|---|---|---|
| Compromised Credentials | 315,000+ | Viettel Threat Intelligence | H1 2024 |
| Phishing Attacks | 17,456+ (23% increase) | Viettel Threat Intelligence | H1 2024 |
| Organizations with Breaches | 84%+ | BlueVoyant | 2024 |
| Average Breaches per Org. | 3.13 | BlueVoyant | 2024 |
| Hack-and-Leak Operations | 55% | Nucamp | Early 2024 |
| Misinformation Campaigns | 35% | Nucamp | Early 2024 |
| DDoS Attacks | 10% | Nucamp | Early 2024 |
The impact of these cyberattacks on Philippine organizations extends beyond mere statistics. The fact that over 84% of organizations experienced an average of 3.13 breaches in 2024 indicates significant disruptions to their day-to-day operations . These disruptions can manifest in various ways, including system downtime, data loss, and the need for extensive recovery efforts, all of which can lead to substantial financial losses through decreased productivity, damage to reputation, and the costs associated with incident response. Furthermore, the alarming increase in data breaches, particularly within the government and education sectors, as highlighted by Viettel Threat Intelligence, resulted in the compromise of over 660 million records, more than 1 terabyte of data, and nearly 150 gigabytes of KYC (Know Your Customer) data in the first half of 2024 . The sheer scale of this data exposure presents severe risks, including identity theft, financial fraud, and the erosion of public trust, especially when sensitive information from government and educational institutions is compromised. The disproportionate impact on these sectors might suggest potential vulnerabilities stemming from underinvestment in security measures or the inherent challenges in protecting the vast amounts of sensitive data they handle.
A particularly concerning area of vulnerability identified in the reports is the management of supply chain cyber risk. BlueVoyant’s findings indicate that over 84% of organizations experiencing breaches in 2024 were impacted through their supply chain . Alarmingly, almost a third (32%) of these organizations reported having no way to even detect cybersecurity incidents within their supply chains, and a significant 65% admitted that third-party cybersecurity risk management was either not a priority or only somewhat of a priority . This lack of focus and visibility into the security practices of third-party vendors creates a significant weakness that cybercriminals are actively exploiting. Given the interconnected nature of modern business, a breach at a third-party vendor can easily cascade and compromise the security of the primary organization, even if its internal defenses are robust. The discrepancy between the high number of breaches originating from the supply chain and the low prioritization of managing these risks suggests a potential lack of awareness or understanding of the extended attack surface that third-party relationships create.
While ransomware remains a critical global threat, Cyberint observed a decrease in ransomware attacks targeting the Philippines in 2024 compared to the previous year . Despite this apparent decline, the potential for significant disruption and financial losses associated with ransomware attacks means that organizations must not become complacent. Maintaining strong defenses, including robust backup and recovery strategies, is still essential to mitigate the risks posed by this persistent threat.
Several key areas of vulnerability contribute to the challenging cybersecurity landscape in the Philippines. A significant concern is the lack of detection capabilities within supply chains, with 32% of organizations admitting they have no way of knowing if a breach occurs through their vendors . This lack of visibility allows malicious activity to go unnoticed, potentially for extended periods, increasing the damage that can be inflicted. Furthermore, the fact that 65% of Filipino organizations do not fully prioritize third-party cybersecurity risk management indicates a fundamental weakness in their overall security strategy. When cybersecurity, particularly concerning external partners, is not treated as a critical priority, it often results in insufficient allocation of resources and a lack of proactive measures to mitigate risks.
The human factor also plays a crucial role in cybersecurity vulnerabilities. The shift towards remote and hybrid work models in recent years has introduced new challenges, with data breaches often stemming from employees using unsecured home networks, personal devices, or outdated software . Additionally, weak security practices such as the reuse of passwords continue to be a significant point of entry for attackers. The reliance on employees for maintaining security in distributed work environments necessitates a strong emphasis on comprehensive cybersecurity awareness training and the implementation of robust endpoint security measures. The challenges arising from remote work highlight the need for organizations to adapt their security policies and technologies to ensure that employees working outside the traditional office perimeter are equipped and informed to maintain a secure environment.
In response to the growing cybersecurity threats, the Philippine government has taken proactive steps, most notably through the launch of the National Cybersecurity Plan (NCSP) 2023-2028 in February 2024 . This comprehensive framework aims to address the rising volume and sophistication of cyberattacks by outlining effective policies, securing critical infrastructure, and establishing clear response protocols. A key component of the NCSP is the focus on building the capacity of the Filipino workforce in cybersecurity and related fields, recognizing that a skilled talent pool is essential for long-term digital security. The government’s commitment to strengthening the nation’s cybersecurity posture is also reflected in the Philippines’ improved ranking in the United Nations Global Cybersecurity Index (GCI), climbing to 53rd place in 2024 from 61st in 2020 . This progress suggests that the government’s initiatives, including the NCSP, are beginning to yield positive results in enhancing the country’s overall cybersecurity standing.
Furthermore, there has been a notable increase in cybersecurity budgets in the Philippines. BlueVoyant reported that 90% of Philippine organizations are increasing their budgets for third-party cybersecurity risk management programs . This indicates a growing awareness within the private sector of the importance of investing in cybersecurity to protect their assets and operations. Similarly, the government has also demonstrated its commitment by increasing the cybersecurity budget by 49.2% . This increased financial investment across both the public and private sectors is a positive step towards strengthening the nation’s cyber defenses. However, it is crucial to note that while increased spending is encouraging, the strategic allocation of these resources is equally important. As highlighted by BlueVoyant, there needs to be a greater focus on prioritizing and effectively managing third-party cybersecurity risks to ensure that these budget increases translate into tangible improvements in security outcomes.
In conclusion, the cybersecurity landscape in the Philippines in 2024 presented significant challenges, with over 80% of organizations experiencing breaches . This alarming statistic underscores the urgent need for enhanced cybersecurity measures and a greater focus on proactive risk management. The continuous evolution of cyber threats, ranging from sophisticated phishing attacks and malware to complex supply chain vulnerabilities and misinformation campaigns, demands a comprehensive and adaptive approach to security. While government initiatives like the National Cybersecurity Plan and increased investment in cybersecurity are positive steps forward, organizations must prioritize cybersecurity at all levels, improve their detection capabilities, particularly within their supply chains, and empower their employees to be a strong first line of defense. The data clearly indicates that cybersecurity is not just a technical issue but a fundamental business risk that requires ongoing attention and strategic investment to safeguard operations, protect data, and maintain trust in the digital ecosystem of the Philippines.
Sources used in the report :
Viettel Cyber Security Unmasked Philippine Cyber Risks: Over …
IT Security Philippines: Cybersecurity Trends for 2025 – CT Link Systems, Inc.
DICT fortifies PH cybersafety with National Cybersecurity Plan ’23 …
Over 80% of PHL organizations hit by cybersecurity breaches in …
Philippine Threat Landscape Report 2024-2025 – Cyberint
Philippines Organisations Impacted by Cyber Security… | BlueVoyant
Philippines Cybersecurity Job Market: Trends and Growth Areas for 2025