Thailand's cybersecurity landscape faces a crisis as attacks here are 70% higher than the global average, mainly phishing and banking scams, according to global cybersecurity firm Check Point Software Technologies.
An IT executive who requested anonymity said since the second half of last year, delays in government IT procurement and the slumping stock market have affected IT security spending in Thailand.
"The average in Thailand of 3,180 cyber-attacks per week per organisation over the last six months [August 2024 to January 2025] far surpasses the global average of 1,843 attacks per week per organisation," said Chanvith Iddhivadhana, Thailand country manager of Check Point Software.
Among the most pressing threats in Thailand are phishing scams and banking malware, both of which have significantly higher infection rates than the global average.
According to Check Point Intelligence Report, ransomware incidents in Thailand account for 6% of cyber-attacks, compared with the global average of 4%, while banking malware is responsible for 9.5% of attacks, compared with 2.8% globally.
This trend aligns with the Bank of Thailand's findings, which revealed that Thai bank customers suffered losses of more than 60 billion baht to online financial fraud over the last two years.
Moreover, cybercriminals are increasingly exploiting artificial intelligence (AI) models such as DeepSeek to scale their nefarious operations like impersonation, financial theft and bypassing bank security.
AI-driven phishing scams, using deepfake voices and AI-generated content, are rampant. These attacks are growing in sophistication, using automated info-stealers, evading fraud detection, and executing mass spam campaigns with alarming efficiency, according to Check Point Software.
Kongsak Kortrakul, security engineer director for Southeast Asia and Korea at Check Point Software, said Thailand still lacks security awareness.
The Monetary Authority of Singapore issued advanced guidelines on environmental risk management and recently invested in a testbed for quantum security, he said.
Mr Chanvith said the Thai government's Cloud First policy is a significant step towards digital modernisation. The policy drives the cloud security market in Thailand, with an annual growth rate of 25% projected, reaching US$17.4 million by 2029, he said.
Mr Kongsak said the company expects rising demand for cloud network security, web apps, and application programming interface security as a service.
Mr Chanvith said concern over AI-related security is pushing businesses to upgrade security to prevent new AI threats. He said there is demand for external risk management as a platform that continuously detects and mitigates a wide range of external threats, including high-risk vulnerabilities, leaked credentials, and brand impersonation on phishing sites.
Thailand's amended decree on cybercrime should drive banks and telecom operators to invest more in cybersecurity, said Mr Chanvith.
Nadav Zafrir, chief executive of Check Point Software, said AI is not just a revolution -- it's a new dimension.
"AI will fundamentally change cybersecurity, much like the internet did, introducing both opportunities and risks," he said yesterday at the company's CPX APAC 2025 annual conference.
