Verizon Business has released its 2025 Data Breach Investigations Report (DBIR), highlighting a sharp rise in system intrusions across Asia-Pacific. The report shows that 80% of data breaches in the region were the result of system intrusions, more than doubling from 38% in the previous year. This marks a major shift in the cyber threat landscape and signals the growing risk faced by organisations in the region.
Now in its 18th edition, the DBIR reviewed over 22,000 security incidents, including 12,195 confirmed data breaches across 139 countries. The Asia-Pacific region emerged as a key concern, particularly with the steep increase in malware usage and ransomware attacks.
Rise in malware and ransomware threats
Malware-related breaches in APAC surged to 83%, up from 58% the year before. Email remains the main method used by attackers to distribute malicious software. Ransomware also accounted for 51% of breaches in the region, with attackers frequently publicising their breaches to increase pressure on victims.
Robert Le Busque, Regional Vice President, Asia Pacific at Verizon Business, commented on the situation. “This year’s report reinforces the growing complexity and persistence of cyber threats facing organisations worldwide. In the Asia-Pacific region in particular, external actors are targeting critical infrastructure and exploiting third-party vulnerabilities. The rising incidence of breaches highlights the imperative for businesses to reassess their risk frameworks.”
Social engineering, while still a common tactic, now represents only 20% of breaches in APAC. This decline is largely attributed to the rapid increase in system intrusion attacks.
Global security insights show widening threat vectors
The report also examined global trends and found that exploitation of vulnerabilities rose by 34%, with attackers focusing heavily on zero-day exploits affecting perimeter devices and VPNs. Ransomware continues to grow in prevalence, present in 44% of global breaches—a 37% rise from the previous year—despite a drop in the average ransom paid.
Incidents involving third parties doubled, drawing attention to the growing risks within supply chains and partner networks. The human element remains a critical factor, especially in cases involving social engineering and credential abuse.
The report identified that industries such as Manufacturing and Healthcare have become prime targets for espionage-motivated attacks. Education, Financial Services, and Retail sectors also continue to face persistent threats. Small and medium-sized businesses (SMBs) remain particularly vulnerable, with ransomware present in 88% of their breaches.
Call for stronger cybersecurity measures
The findings serve as a call to action for businesses to improve their cybersecurity strategies. The 2025 DBIR urges organisations to adopt proactive measures to defend against increasingly complex cyber threats. With the median ransom paid last year reaching US$115,000, the financial pressure on smaller businesses can be severe.
Craig Robinson, Research Vice President of Security Services at IDC, remarked on the wider implications. “This year’s DBIR findings reflect a mixed bag of results. Glass-half-full types can celebrate the rise in the number of victim organisations that did not pay ransoms, with 64% not paying vs 50% two years ago. The glass-half-empty personas will see in the DBIR that organisations that don’t have the proper IT and cybersecurity maturity – often the SMB-sized organisations – are paying the price for their size with ransomware being present in 88% of breaches.”
He added, “While there is no magic pill to swallow that will alleviate the pain of cybersecurity attacks, Verizon’s leadership in educating the public on the types of attacker motives, tactics and techniques is a key head start in raising global awareness and cyber readiness.”