Businesses across the Asia-Pacific region face a significant escalation in data breach incidents attributed to an increasing reliance on third-party partnerships, leading to heightened vulnerabilities.
A recent study by Verizon, titled the 2025 Data Breach Investigations Report, reveals that 83% of reported data breaches in the region stemmed from system intrusions—common targets of cybercriminals.
System intrusions, often referred to as ‘hacking attacks’, involve unauthorized access to computer systems where attackers can delete, modify, or insert data. The report indicates that these attacks have risen by 38% since 2024, solidifying their dominance in the APAC cybersecurity landscape.
The report further states, “This pattern of system intrusions clearly highlights the sophistication and effectiveness of these incidents.” Notably, Verizon emphasizes the lucrative nature of ransomware, which remains a primary tactic for cybercriminals seeking to exploit businesses. The strategy of holding organizations’ data hostage continues to offer substantial returns, ensuring that ransomware attacks will likely persist as a major threat across the globe, particularly in the Asia-Pacific region.
Furthermore, system intrusions are notably prevalent in the financial services and insurance sectors, underscoring the critical need for enhanced security measures. The report indicates a dramatic rise in the involvement of malware in data breaches, increasing from 58% last year to 83% this year, with email identified as a significant channel for malware distribution.
The profile of threat actors targeting the APAC region is predominantly external, accounting for nearly all breaches. Organized crime groups and state-affiliated actors are responsible for 80% and 33% of these threats, respectively. Additionally, the data reveals a concerning trend where stolen credentials represented a factor in 55% of breaches, with the installation of ransomware reported in 51% of incidents.
Ransomware disproportionately affects small and medium-sized enterprises, appearing in 88% of breaches targeting these entities compared to 39% for larger organizations. However, there is a slight decline in the average ransom payment—down from $150,000 last year to $115,000 this year—with 64% of victims opting not to pay ransoms, a significant increase from 50% two years prior.
Verizon identifies the common occurrences of stolen credentials followed by ransomware installation as critical factors for the persistence of system intrusions. While other attack methods, such as social engineering—once responsible for 69% of breaches—have seen a decline, now comprising only 20%, system intrusions have grown to dominate the cybersecurity landscape.
Recent findings also reveal a marked increase in breaches involving third-party partners, doubling to 30% this year, accentuating the risks present in supply chains and partner systems. Verizon Business’s regional VP for Asia Pacific, Robert Le Busque, underscores the growing complexity of cyber threats that organizations must navigate, emphasizing the urgent need for businesses to reassess their risk strategies given the rising frequency of breaches impacting critical infrastructure.
In light of these developments, the adversary tactics associated with recent attacks can be contextualized using the MITRE ATT&CK framework. Likely tactics include initial access through compromised credentials, persistence through backdoor installations, and privilege escalation to gain higher levels of access within corporate networks. Such insights are invaluable for business owners aiming to fortify their cybersecurity defenses in an increasingly treacherous digital landscape.
