SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Espionage breaches account for 25% in APAC, report reveals

Thu, 2nd May 2024

Results from the 17th annual Data Breach Investigations Report (DBIR) by Verizon Business reveal that over a quarter (25%) of breaches in the Asia Pacific region (APAC) constituted espionage attacks. This figure is significantly higher than the 6% and 4% recorded for Europe, Middle East and Asia (EMEA), and North America (NA) respectively. Conversely, financial motivations accounted for 75% of breaches in the APAC area.

The DBIR analysed 2,130 security incidents in APAC, with 523 confirmed breaches, further highlighting the vulnerability within the region's cybersecurity landscape. System intrusion, social engineering, and basic web application attacks represented 95% of these breaches. Credentials were the most compromised type of data at 69%, followed by internal data at 37%, and secrets at 24%.

'Since so much of cyber espionage can be defined as an advanced persistent threat, it's especially important for organisations in APAC to continuously refresh their security protocols to thwart the long-term collection of sensitive data by threat actors,' said Chris Novak, Sr. Director of Cybersecurity Consulting at Verizon Business. Novak further mentioned the need to review third-party networks as they often have more lax cybersecurity practices.

The DBIR highlighted that the exploitation of vulnerabilities has become one of the fastest growing threats to cybersecurity worldwide. This accounts for 14% of all breaches with an almost triple spike in the last year, primarily due to the scope and increasing frequency of zero-day exploits by ransomware actors.

Data from the Cybersecurity Infrastructure and Security Agency (CISA) shows that it takes organisations an average of 55 days to patch 50% of their critical vulnerabilities. The median time for detecting mass exploitations of the CISA Known Exploited Vulnerabilities (KEV) on the internet is five days.

The challenges surrounding third parties involvement in breaches, including data custodians and software vulnerabilities, surged by 68% from the previous period. In 2023, 15% of breaches involved a third party. The human error element was identified in 68% of breaches, with 20% of users identifying and reporting phishing in simulation engagements and 11% of users who clicked the email also reported it.

'The persistence of the human element in breaches shows that there is still plenty of room for improvement with regard to cybersecurity training', stated Robert Le Busque, Regional Vice President, Asia Pacific for Verizon Business. He indicated a potential shift towards a working culture that no longer stigmatises human error, but gives prominence to cybersecurity awareness in the workforce.

Further key findings of the report include 32% of all breaches involving some type of extortion technique, a quarter (24-25%) of financially motivated incidents involved pretexting over the past two years, and the use of stolen credentials appeared in nearly a third (31%) of all breaches in the previous decade.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X