The financial impact of cybercrime on the economy and society is expected to surge to US$10.5 trillion by 2025, yet Thailand spends only 0.2% of corporate revenue on cybersecurity systems, according to global cybersecurity firm Fortinet.
Krungthai Compass, the research arm of Krungthai Bank, projects Thailand's cybersecurity investment to reach 18 billion baht in 2025, a compound average growth rate of 13% from 2022, driven by the government, financial, healthcare and manufacturing sectors.
Cyber-attacks and artificial intelligence-generated misinformation and disinformation are global risks according to corporate leaders, said Pakthapa Chatkomes, country manager of Fortinet Thailand, citing a World Economic Forum data survey.
She said Cybersecurity Ventures estimated the impact of cybercrime on the economy and society at $10.5 trillion by 2025, up from $3 trillion in 2015.
Thailand still has a shortage of security employees, with only two full-time IT security employees employed per 1,000 employees.
The amount of IT security spending in Thailand is only 0.2% of corporate revenue, or two baht per 1,000 baht of revenue, according to Fortinet.
Ms Pakthapa said cybercriminals use AI to enhance malicious activities.
In addition, "generative profiling" attacks, or those utilsing AI audio spoofing techniques such as the use of a deep fake voice of a familiar person to target a victim, would be an early part of the AI attack chain in 2024.
Rattipong Putthacharoen, senior manager of Systems Engineering at Fortinet Thailand, said according to a Fortinet-IDC survey, the top five common cyberthreats in Thailand are phishing, identity theft, ransomware, patching vulnerabilities and Internet of Things (IoT) attacks.
"We found 72% of surveyed organisations in the Thailand report saw breaches double in 2023," he said.
The top five most targeted sectors were technology, healthcare, telcom, government, and manufacturing.
Mr Rattipong said in terms of the loss in value among businesses, ransomware was quite impactful with 56% of organisations reporting an increase of at least two times.
He said hackers attacked operating technology mainly in energy, automation, and transport worldwide.
Citing a FortiGuard Labs' Global Threat Landscape report for the second half of 2023, Mr Rattipong said there were 222,000 vulnerabilities classified as common vulnerabilities and exposures, and 30,000 new vulnerabilities, up 17% from the second half of 2022.
Cybercriminals exploited new vulnerabilities 43% faster than in the first half of 2023, so attacks took place 4.76 days after a vulnerability's discovery, compared to eight days in the first half.