Wednesday, 21 May 2025
27.1 C
Singapore
29.6 C
Thailand
20.7 C
Indonesia
29 C
Philippines

Verizon report reveals 80% of APAC breaches caused by system intrusions

System intrusions caused 80% of data breaches in APAC, according to Verizon’s 2025 report, with malware and ransomware threats on the rise.

Verizon Business has released its 2025 Data Breach Investigations Report (DBIR), highlighting a sharp rise in system intrusions across Asia-Pacific. The report shows that 80% of data breaches in the region were the result of system intrusions, more than doubling from 38% in the previous year. This marks a major shift in the cyber threat landscape and signals the growing risk faced by organisations in the region.

Now in its 18th edition, the DBIR reviewed over 22,000 security incidents, including 12,195 confirmed data breaches across 139 countries. The Asia-Pacific region emerged as a key concern, particularly with the steep increase in malware usage and ransomware attacks.

Rise in malware and ransomware threats

Malware-related breaches in APAC surged to 83%, up from 58% the year before. Email remains the main method used by attackers to distribute malicious software. Ransomware also accounted for 51% of breaches in the region, with attackers frequently publicising their breaches to increase pressure on victims.

Robert Le Busque, Regional Vice President, Asia Pacific at Verizon Business, commented on the situation. “This year’s report reinforces the growing complexity and persistence of cyber threats facing organisations worldwide. In the Asia-Pacific region in particular, external actors are targeting critical infrastructure and exploiting third-party vulnerabilities. The rising incidence of breaches highlights the imperative for businesses to reassess their risk frameworks.”

Social engineering, while still a common tactic, now represents only 20% of breaches in APAC. This decline is largely attributed to the rapid increase in system intrusion attacks.

Global security insights show widening threat vectors

The report also examined global trends and found that exploitation of vulnerabilities rose by 34%, with attackers focusing heavily on zero-day exploits affecting perimeter devices and VPNs. Ransomware continues to grow in prevalence, present in 44% of global breaches—a 37% rise from the previous year—despite a drop in the average ransom paid.

Incidents involving third parties doubled, drawing attention to the growing risks within supply chains and partner networks. The human element remains a critical factor, especially in cases involving social engineering and credential abuse.

The report identified that industries such as Manufacturing and Healthcare have become prime targets for espionage-motivated attacks. Education, Financial Services, and Retail sectors also continue to face persistent threats. Small and medium-sized businesses (SMBs) remain particularly vulnerable, with ransomware present in 88% of their breaches.

Call for stronger cybersecurity measures

The findings serve as a call to action for businesses to improve their cybersecurity strategies. The 2025 DBIR urges organisations to adopt proactive measures to defend against increasingly complex cyber threats. With the median ransom paid last year reaching US$115,000, the financial pressure on smaller businesses can be severe.

Craig Robinson, Research Vice President of Security Services at IDC, remarked on the wider implications. “This year’s DBIR findings reflect a mixed bag of results. Glass-half-full types can celebrate the rise in the number of victim organisations that did not pay ransoms, with 64% not paying vs 50% two years ago. The glass-half-empty personas will see in the DBIR that organisations that don’t have the proper IT and cybersecurity maturity – often the SMB-sized organisations – are paying the price for their size with ransomware being present in 88% of breaches.”

He added, “While there is no magic pill to swallow that will alleviate the pain of cybersecurity attacks, Verizon’s leadership in educating the public on the types of attacker motives, tactics and techniques is a key head start in raising global awareness and cyber readiness.”

Hot this week

DJI unveils Mavic 4 Pro with 100MP camera and 360° rotating gimbal

DJI’s new Mavic 4 Pro features a 100MP Hasselblad sensor, 360° rotating gimbal, and extended flight time for cinematic aerial storytelling.

Snapdragon 7 Gen 4 brings flagship performance to midrange phones

Snapdragon 7 Gen 4 will bring flagship features to midrange phones in May 2025, including better speed, graphics, and AI.

Microsoft brings on-device AI to web apps in the Edge browser

Microsoft adds on-device AI to Edge, giving web apps access to Phi-4-mini for smart features like text editing and translation.

Singtel’s new 5G Priority plans offer 4x faster speeds and exclusive perks

Singtel’s new 5G+ Priority plans offer 4x faster speeds, better roaming, added security, and premium care with no contract needed.

Windsurf launches its own AI models for software engineers

Windsurf unveils its SWE-1 AI models to support full software engineering, offering tools beyond code writing.

Xiaomi launches 3-nanometre chip to rival Apple and Qualcomm

Xiaomi unveiled the 3-nm XRing O1 chip for its new phone and tablet, matching Apple and Qualcomm in the global semiconductor race.

US buyer activity rises on Alibaba.com after tariff pause agreement

US buyers flood Alibaba.com after a 90-day US-China tariff pause, boosting inquiries by over 40% and driving holiday stock orders early.

Razer’s new Blade 14 is thinner, lighter, and packed with full RTX 5070 power

Razer’s new Blade 14 is thinner and lighter, with full RTX 5070 power and a stunning OLED display. It starts at US$2,299.99.

Microsoft brings on-device AI to web apps in the Edge browser

Microsoft adds on-device AI to Edge, giving web apps access to Phi-4-mini for smart features like text editing and translation.

Related Articles

Popular Categories