Espionage has emerged as a major cybersecurity threat in the Asia-Pacific region. According to a Verizon Business report a quarter of attacks it detected were motivated by espionage. It is far higher than the attacks reported in Europe and North America.

Of the 2,130 security incidents and 523 confirmed breaches in the Asia-Pacific region, system intrusion, social engineering, and basic web application attacks represent 95 per cent of breaches in APAC. The most common types of data compromised are credentials (69 per cent), internal (37 per cent), and secrets (24 per cent).

The 17th annual Data Breach Investigations Report (DBIR) 2024 found that exploitation of vulnerabilities as an initial access step for a breach grew by 180 per cent over the previous year.

“System Intrusion, social engineering and basic web application attacks represent 95 per cent of breaches,” the report said.

The report analysed 30,458 security incidents and 10,626 confirmed breaches in 2023 — a two-fold increase over 2022 

The report found that it took organisations about 55 days to patch 50 per cent of their critical vulnerabilities.

While the exploitation of vulnerabilities has become one of the fastest growing threats to cybersecurity, data from the Asia-Pacific region found that 25 per cent of attacks are motivated by espionage - significantly greater than the 6 per cent and 4 per cent in Europe and North America, respectively.

“Since so much of cyber espionage can be defined as an advanced persistent threat, it’s important for organisations in APAC to continuously refresh their security protocols to thwart the long-term collection of sensitive data by threat actors,” Chris Novak, Senior Director of Cybersecurity Consulting of Verizon Business, said.

“It’s equally important to review one’s third-party network, since sensitive information with national security implications can sometimes be accessed via organizations with more lax cybersecurity practices, such as academic institutions and research facilities,” he said.

Globally, exploiting vulnerabilities as an initial point of entry almost tripled since last year, accounting for 14 per cent of all breaches. 

Last year, 15 per cent of breaches involved a third party, including data custodians, third-party software vulnerabilities, and other direct or indirect supply chain issues. This metric shows a 68 per cent increase from the previous period described in the 2023 report.

Most breaches (68 per cent), whether they include a third party or not, involve a non-malicious human element, which refers to a person making an error or falling prey to a social engineering attack.

About 32 per cent of all breaches involved some extortion technique, including ransomware.

Over the past two years, roughly one-fourth of financially motivated incidents involved pretexting. Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31 per cent) of all breaches.