Southeast Asia's building industry under threat from cyber attacks
In the rapidly evolving digital landscape of Southeast Asia, the construction and manufacturing industries are facing a rising tide of cyber threats. According to a report by global cybersecurity firm KasperskyHCM, these sectors are becoming increasingly vulnerable, with the internet serving as the primary source of attacks in the region.
While specific details about attacks targeting construction companies are scarce, the manufacturing sector has been impacted by significant cybersecurity incidents. One notable example is the cyberattack on Kuala Lumpur International Airport, which disrupted many of its information systems for 10 hours in Q1 2025. This incident, along with over 100 others reported in the region, underscores the evolving threat landscape for critical infrastructure and industrial organisations.
Advanced persistent threat (APT) groups have been active, employing sophisticated tactics such as polyglot files and exploiting vulnerabilities in widely used software like 7-Zip and Microsoft Windows. Ransomware remains a pervasive threat, with data exfiltration and extortion becoming routine. Supply chain attacks are also a concern, given the complex supply chains in these sectors.
To mitigate these threats, experts recommend a multi-layered approach. This includes enhancing network segmentation and monitoring, patch and update management, employee training and awareness, multi-layered defence, incident response and recovery planning, regulatory compliance, and collaboration.
Adrian Hia, Kaspersky's managing director for Asia Pacific, emphasises the growing momentum of digitalisation in the construction sector. However, he warns that digital industrial devices could become increasingly vulnerable in 2025 and beyond, especially at facilities using outdated security measures or inexpensive network equipment. Hia frames cybersecurity as an investment in business continuity, an insurance policy that protects assets and data, and maintains trust with customers and partners.
The construction sector in Southeast Asia is projected to have a compounded annual growth rate of 6.2% over the next five years. Countries like Indonesia and Việt Nam are among the largest and fastest growing in the region. The sector ranks high in terms of digitalisation, with a rate of 32.9%, far higher than the global average of 22.4%. The use and utilisation of digital technologies such as AI and automation provide major opportunities for increased efficiency.
However, this digital transformation also brings a growing cyber risk. As the construction sector in Southeast Asia becomes more reliant on digital technologies, it becomes more vulnerable to cyber threats. Experts advise regular security assessments of operational technology (OT) systems for construction and other industrial businesses, identifying and eliminating possible cybersecurity issues, implementing continuous vulnerability assessments, and ensuring timely updates for the key components of the enterprise's OT network.
As the region navigates this digital transformation, it is crucial for companies to stay informed, engage in cross-industry collaboration, and prioritise cybersecurity to maintain business continuity and protect their assets and data.
- The government should develop a comprehensive policy for cybersecurity in the construction and manufacturing industries, given the rising tide of threats in Southeast Asia.
- As businesses in these sectors increasingly rely on advanced AI and automation, they also expose themselves to a greater risk of cyberattacks, making cybersecurity updates essential.
- The manufacturing industry, in particular, has experienced significant cybersecurity incidents, with the airport attack in Kuala Lumpur being a notable example.
- To tackle these threats, a multi-layered approach is recommended, inclusive of network segmentation, employee training, regulatory compliance, and incident response planning.
- In light of the digital transformation, the construction sector in Southeast Asia, with its high digitalisation rate and rapid growth, should actively conduct regular security assessments of operational technology systems to identify and address potential cybersecurity issues.
- With advanced persistent threat groups, ransomware, and supply chain attacks posing threats, it is vital for all industries in the region to remain vigilant, collaborate, and prioritize cybersecurity to ensure business continuity and protect their assets and data.
