About 25% of cyberattacks were motivated by ‘espionage’ in the Asia-Pacific (APAC) region last year, which is significantly higher than the 6% and 4% in Europe and North America, respectively, a new report showed today. 

Of the 2,130 security incidents and 523 confirmed breaches in the APAC region, system intrusion, social engineering, and basic web application attacks represent 95% of breaches, according to Verizon Business report, a cybersecurity consulting firm.

The most common types of data compromised include credentials (69%), internal (37%), and secrets (24%).

“Since so much of cyber espionage can be defined as an advanced persistent threat, it’s especially important for organisations in APAC to continuously refresh their security protocols to prevent the long-term collection of sensitive data by hackers,” said Chris Novak of the firm.

The report analysed 30,458 security incidents and 10,626 confirmed breaches in 2023 - a two-fold increase over 2022.

Last year, 15% of breaches involved a third party, including data custodians, third-party software vulnerabilities, and other direct or indirect supply chain issues, the report mentioned.

About 68% of breaches whether they include a third party or not, involve a non-malicious human element, which refers to a person making an error or falling prey to a social engineering attack, according to the report.

“India is one of the key countries affected by phishing attacks, where employees often click on malicious links or attachments that appear to be from legitimate sources, often leading to severe financial losses,” said Anshuman Sharma of the firm.

“However, there’s a silver lining as reporting practices have improved, with 20% of users now identifying and reporting phishing during simulation tests,” he added.

(Source: IANS)

- Edited for style