Pacific islands targeted in AI-fueled cyber attacks

 By Ron Rocky Coloma

It started with a hospital and a missing file.

When Palau’s Ministry of Health and Human Services lost access to its digital records in February 2025, staff at Belau National Hospital knew it wasn’t a glitch. A ransomware gang called Qilin had breached the system. Patient data, billing information and operational records dating back to 2018 were suddenly encrypted.

“Palauans have been the victims of a heinous crime by greedy cyber criminals that has put our ability to provide critical medical care and lifesaving emergency services at risk,” the ministry said in a statement at the time.

In Guam, the threats have looked different. Last year, Julien Abat Weymouth of Dededo was sentenced to 30 months in prison after pleading guilty to running an unlicensed cryptocurrency operation that moved more than $5.5 million in digital assets. Prosecutors said the funds were tied to broader fraud schemes, including bitcoin transfers to a California-based co-conspirator.

These two incidents, while different in method, reflect a clear trend: Guam and Palau are increasingly on the frontlines of global cybercrime. Threats that once seemed distant now hit close to home.

“Fraud in Asia-Pacific is continuously evolving,” said Thanh Tai Vo, director of Market Planning for Fraud & Identity at LexisNexis Risk Solutions. “And organizations that don’t adapt fast enough are exposing themselves.”

Vo recently presented new data from the 2025 APAC Cybercrime Report, which analyzed more than 104 billion digital transactions from the past year. While attack rates in some regions have leveled off, Vo said the Asia-Pacific remains a hotspot for innovation in fraud.

“We’ve seen rising volumes of human-initiated attacks,” Vo said. “That includes scams, account takeovers and deepfake-enabled fraud. The techniques are changing faster than most defenses.”

Mobile platforms remain the primary channel for cyberattacks. According to Vo, nearly three-quarters of fraud attempts in 2024 came through mobile devices, especially mobile browsers, which are more difficult to secure due to their limited data visibility.

“Mobile apps are where people transact, bank and shop,” Vo said. “But they’re also where criminals are adapting the fastest.”

Guam’s position as a U.S. territory in the Pacific makes it uniquely exposed. Its financial systems fall under federal law, but its proximity to Asia’s digital markets means it faces the same tactics deployed in places like Singapore and Hong Kong.

“These financial assets do not guarantee anonymity, as generally perceived by criminals,” said U.S. Attorney for Guam Shawn Anderson, following the Weymouth case. “We will continue to target unlicensed money transmitting, money laundering and other cryptocurrency crimes.”

In Palau, the February ransomware attack triggered an international response. With support from Australian cyber specialists, the hospital restored operations within 48 hours. The U.S. Cyber Command later deployed a “hunt forward” team to assist with forensics and systems recovery.

Officials confirmed that names, phone numbers and billing data may have been accessed. While there was no evidence of ransom negotiations, Palauans were urged to remain alert for phishing attempts and digital scams posing as legitimate health communications.

Vo said these kinds of ransomware campaigns are becoming more focused and damaging. “Criminals are now patient,” he said. “They research their targets, identify weak points and hit where it hurts—like hospitals.”

He also warned of an ongoing surge in AI-driven fraud. Deepfake identity documents, voice simulation and real-time manipulation are being used to defeat onboarding and biometric checks. A 2024 case in Hong Kong saw a multinational’s CFO duped into transferring $25 million during a fake video call.

“That happened just last year,” Vo said. “It’s not a hypothetical anymore. The deepfakes are now good enough to fool real people.”

Vo stressed that inconsistencies in how fraud is defined across APAC make coordination difficult. “In one country it’s a scam. In another, it’s authorized payment fraud,” he said. “That confusion slows down prevention.”

Guam and Palau are now participating in regional security networks like the Pacific Cyber Security Operational Network and the Pacific Islands Law Officers’ Network. Both nations are also building incident response frameworks and updating outdated cybercrime legislation.

“The tech can only go so far,” Vo said. “What we need is a multi-layered approach. That means regulation, private-sector collaboration and public education.”

Vo shared a successful case where fraud prevention software blocked several crypto wallet transactions without interrupting normal user activity. “That’s the gold standard,” he said. “Stop the bad guys without hurting your customers.”

The cybercrime report also found that one in every 11 new online accounts globally is fraudulent. Fraudsters are increasingly targeting onboarding points like new sign-ups, password resets and identity verification systems.

“Those are the highest-risk touchpoints,” Vo said. “And mobile channels are still significantly more risky than desktop.”

Some countries are moving faster than others. Australia has introduced scam prevention frameworks with heavy penalties for banks and telecom providers that don’t comply. Singapore has launched liability-sharing models for victims of authorized payment fraud. But across most of the Pacific, enforcement is still catching up.

Social media remains a primary distribution tool for fake job ads, phishing links

and investment scams. Vo noted a disturbing rise in scam centers, where people are coerced into working fraud operations targeting users globally.

“These are real people being trafficked to run fake call centers,” he said. “The human cost of this ecosystem is far greater than most realize.”

Palau’s ransomware recovery and Guam’s crypto investigations show what progress looks like, but also how much is left to be done. Regional collaboration is improving, but cyber readiness remains fragile.

“Be skeptical online. Verify independently. Think before clicking,” Vo said. “This isn’t theoretical. Cybercrime is already here.”

As Guam and Palau work to harden their defenses, they carry lessons for the rest of the Pacific. From hospitals to crypto wallets, the region’s digital vulnerabilities are no longer invisible. They’re visible, measurable and growing.

The question is whether governments, businesses and communities can move fast enough to catch up.

Subscribe to

our digital

monthly edition