top of page
Image by KOBU Agency

Philippines Scorecard

The Philippines is one of the most targeted countries in Southeast Asia, facing simultaneous pressure from Chinese espionage APTs, North Korean financial cyber-operations, domestic and regional scam networks, and global ransomware groups.

​

Key ministries, telecoms, critical infrastructure operators, military units, and fintech/e-wallet providers experience constant intrusion attempts. Frequent large-scale breaches feed credential theft, SIM fraud, and account takeovers, fueling a continuous cybercrime feedback loop. Geopolitical tension in the South China Sea, plus its close cooperation with the United States, makes PH a priority intelligence target for Chinese-linked groups.

                                                 Overall Position: High-threat environment with moderate to weak national readiness​

​

Cyber Maturity                                      4 /10                                                        Strategy + agencies exist, but capability is fragmented and uneven across sectors.

​​

Threat Activity                                      9 / 10                                                 One of the most heavily targeted countries in SEA by APTs, ransomware, and scams.

​​

Digital Exposure                                   8 /10                                                               Huge mobile + e-wallet adoption, BPO sector, and rapid gov/cloud digitization.

​​​

Law Enforcement Capability                4 /10                                                      Cybercrime units exist, but investigations, prosecutions, and deterrence remain weak.

​​​​

Geopolitical Risk                                  8 /10                                                      Front-line in South China Sea issues + strong U.S. alignment to high espionage interest.

​​​

Scam/Fraud/Trafficking                      9/10                                      Major victim and participant in regional scam ecosystems, SIM fraud, and cyber-enabled trafficking.

 CYBER MATURITY ASSESSMENT

Has the structures, but not the depth or consistency to fully defend the nation. The Philippines has the right cybersecurity structures on paper, but implementation is uneven and underdeveloped. Agencies are improving, but national capability still lags far behind the country’s threat exposure.

​

  • National agencies exist (DICT, NICA, NCERT), but coordination is inconsistent

  • Cybersecurity standards vary widely across sectors

  • Heavy dependence on vendor-driven security (cloud, telecom, BPO)

  • Limited advanced forensics capability

  • Progress is happening, but too slowly compared to threat volume

4/10

DIGITAL EXPOSURE

Digital adoption is extremely high, from mobile payments to cloud services to the massive BPO sector. This creates a wide attack surface that grows faster than defensive maturity can keep up. 

​

  • Extremely high mobile payment adoption (GCash, Maya)

  • Massive cloud usage across government and business

  • Large BPO industry handling foreign data leads to global threat exposure

  • Growing IoT usage in smart cities & utilities

  • Fast digitization outpacing defensive maturity

8/10

GEOPOLITICAL & ECONOMIC DRIVERS

Tensions in the South China Sea and deepening military ties with the United States make the Philippines a priority espionage target. Its geopolitical position ensures sustained interest from China-linked APTs.

​

  • Frontline country in the South China Sea dispute

  • Strong partnership with the United States increases APT interest

  • Sensitive defense modernization + military cooperation efforts

  • Political shifts and tensions increase cyber instability

  • Growing importance of PH in regional intelligence competition

8/10

CURRENT THREAT ACTIVITY

The Philippines is one of the most heavily targeted countries in the region, hit by both advanced state actors and high-volume cybercrime. Attacks occur constantly across government, telecoms, finance, and critical services.

​

  • Regular targeting by China-linked APTs (Mustang Panda, Naikon, Tonto)

  • Financial and espionage activity by North Korean groups (Lazarus, Kimsuky)

  • High volumes of ransomware, phishing, and credential harvesting

  • Government, telecom, finance, military, and e-commerce hit frequently

  • Constant “background noise” of commodity malware and BEC fraud

9/10

LAW ENFORCEMENT & CYBERCRIME CONTROL

Law enforcement has cybercrime units, but capacity, staffing, and forensics remain limited. Investigations often rely heavily on foreign partners, and prosecution rates remain low. 

​

  • BI & PNP cyber units exist but are overloaded and under-resourced

  • Low conviction rates for online scams and identity fraud

  • Digital forensics capacity still maturing

  • Investigations often rely on foreign partners

  • SIM-registration law hasn’t stopped SIM fraud & mule networks

​

4/10

SCAM / HUMAN TRAFFICKING / FRAUD 

Scams, SIM fraud, and crypto-enabled crime are widespread, and the country is deeply entangled in regional trafficking-linked cybercrime. Filipinos are both major victims and targets of large-scale scam operations.

​

  • Significant target of pig-butchering scams

  • Philippines used heavily for money mules and crypto laundering

  • Identity theft & SIM fraud extremely common

  • Citizens trafficked to scam compounds in Cambodia/Myanmar

  • Local scam groups increasingly sophisticated and large-scale

9/10

bottom of page