Cybersecurity News in Asia

RECENT STORIES:

SEGA moves faster with flow-based network monitoring
Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deploy...
Conifers AI Opens Singapore Data Region, Bringing Local Data Residency...
Finally taken down: Residential proxy network of at least 2m smart dev...
DXC Opens Flagship AI-first Customer Experience Center in Bengaluru
AI speeds threat discovery as coverage gaps persist: survey
LOGIN REGISTER
CybersecAsia
  • Features
    • Featured

      S E Asia governments targeted by cyber-espionage group

      S E Asia governments targeted by cyber-espionage group

      Tuesday, June 23, 2026, 8:00 AM Asia/Singapore | Features
    • Featured

      Rethinking network and infrastructure design for resilience

      Rethinking network and infrastructure design for resilience

      Thursday, June 18, 2026, 2:17 PM Asia/Singapore | Features
    • Featured

      Bringing cybercriminals to justice in APAC

      Bringing cybercriminals to justice in APAC

      Thursday, June 11, 2026, 10:30 AM Asia/Singapore | Features
  • Opinions
  • Tips
  • Whitepapers
  • AWARDS 2026
  • Directory
  • E-Learning

Select Page

News

Exploits remained the most frequently used initial infection vector in 2024: report

By CybersecAsia editors | Friday, April 25, 2025, 3:38 PM Asia/Singapore

Exploits remained the most frequently used initial infection vector in 2024: report

Explore this and other key cyber trends encountered by one cybersecurity firm’s incident response operations in 2024

Based on its incident response and investigation metrics* conducted between 1 Jan 2024 and 31 Dec 2024, a cybersecurity firm has rounded up some key cyber statistics for the period.

    First, the 12-month data indicated that attackers were seizing every opportunity to further their objectives, through: Infostealers malware, the targeting of unsecured data repositories, and the exploitation of gaps and risks (e.g., supply chain risks) introduced as organizations continue their migrations to the cloud.

    Second, the financial sector continued to be the most targeted industry, with the global median dwell time rising to 11 days from 10 days in similar data analyses for 2023 (compared to 16 days for 2022).

    Other key findings

    Third, the number of financially-motivated actors rose, while the number of espionage incidents dipped: 55% of threat groups active in 2024 data were financially motivated: a steady increase from 52% in 2023 and 48% in 2022. About 8% of threat groups in the data were motivated by espionage: a slight decrease from 10% in 2023 data analyzed. Also:

    • Ransomware trends: The most commonly observed initial infection vector for ransomware-related intrusions, when the vector could be identified, was brute-force attacks. Password spraying, virtual private network (VPN) devices compromised through default credentials, and high-volume Remote Desktop Protocol (RDP) login attempts were examples of the types of brute-force attacks investigate in 2024.
    • Stolen credentials reached a new high: The most common initial infection vector was exploits (33%) for the fifth consecutive year. Stolen credentials (16%) rose to the second most common in 2024, marking the first time this vector has reached this level. The remaining top five vectors included email phishing (14%), web compromises (9%), and prior compromises (8%).
    • Infostealer malware becoming a foundational threat: These malware families were often distributed through infected personal and contractor devices, leading to a record high in stolen credentials as an initial infection vector, and driving surges in credential-based attacks and cloud/SaaS breaches.
    • The most frequently targeted industries: Financial (17.4%), business and professional services (11.1%), high tech (10.6%), government (9.5%), and healthcare (9.3%). These targeting trends were mostly consistent with data from prior years.
    • Provenance of incident discovery: In 2024, external sources first alerted organizations of a compromise 57% of the time, and 43% of the time it was identified internally. External notifications are divided into 43% from entities such as law enforcement and cybersecurity vendors, and 14% from adversaries, often in the form of ransom notes. 
    • Other notable trends in the 2024 data: North Korean IT workers posing as remote contractors to gain insider access; Iranian threat actors ramping up destructive and espionage operations —particularly against Israeli targets — and China-nexus groups exploiting zero-day vulnerabilities and edge devices to evade detection. Also, threat actors in 2024 usually gained access to targeted systems through brute-force attacks, third-party-access [supply-chain] compromise, social engineering voice calls (voice phishing or vishing), SIM swapping, and Bring Your Own Device (BYOD) such as infected USB storage devices.

    According to Vivek Chudgar, Managing Director, Mandiant Consulting (JAPAC), the firm that reported on its 2024 incident data trends: “As financially motivated threats grow more sophisticated, our collective resilience depends on proactive threat intelligence, faster detection, and a relentless focus on closing security gaps before adversaries can exploit them.”

    *declared as “data collected from more than 450k+ hours of incident response engagements globally”, across the USA, JAPAC and EMEA regions

    Share:

    PreviousTeamT5 Warns of Global Risks Posed by Ivanti Vulnerability
    NextAI in EDR/XDR: Enhancing cybersecurity with a balance of machine and human expertise

    Related Posts

    NGO sets up new Zero Trust Advancement Center

    NGO sets up new Zero Trust Advancement Center

    Monday, March 14, 2022

    Despite strong talent supply growth, APAC is short of 2.2m cybersecurity professionals

    Despite strong talent supply growth, APAC is short of 2.2m cybersecurity professionals

    Wednesday, October 26, 2022

    South Korean firm’s November massive data breach hits a legal ramification

    South Korean firm’s November massive data breach hits a legal ramification

    Monday, December 8, 2025

    Army of network-based threats continues its advance

    Army of network-based threats continues its advance

    Sunday, September 15, 2019

    Leave a reply Cancel reply

    You must be logged in to post a comment.

    Voters-draw/RCA-Sponsors

    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    Slide
    previous arrow
    next arrow

    CybersecAsia Voting Placement

    Gamification listing or Participate Now

    PARTICIPATE NOW

    Vote Now -Placement(Google Ads)

    Top-Sidebar-banner

    Whitepapers

    • Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

      Critical Security Threatsand the Need for ZTNA: How evolving cyberattacks demand a Zero Trust approach

      Cyber threats have become more frequent and sophisticated, targeting organizations of all sizes across all …Download Whitepaper
    • Zero Trust Made Simple: Why it matters and how to get started

      Zero Trust Made Simple: Why it matters and how to get started

      Data breaches and cyberattacks are no longer limited to large, high-profile organizations.Download Whitepaper
    • Cloud Secure Edge: Remote access, better security

      Cloud Secure Edge: Remote access, better security

      ​SonicWall Cloud Secure Edge™ is a modern, cloud-native Security Service Edge (SSE) solution that addresses …Download Whitepaper
    • Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

      Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats

      Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper

    Middle-sidebar-banner

    Case Studies

    • How a Vietnamese D2C retailer built its own secure digital infrastructure

      How a Vietnamese D2C retailer built its own secure digital infrastructure

      Would your organization build your own digital infrastructure – including AI governance and cybersecurity – …Read more
    • Cyber protection for medical clinics in Singapore

      Cyber protection for medical clinics in Singapore

      As Singapore’s healthcare sector becomes increasingly digital and interconnected, clinics are facing heightened cyber risks, …Read more
    • India’s WazirX strengthens governance and digital asset security

      India’s WazirX strengthens governance and digital asset security

      Revamping its custody infrastructure using multi‑party computation tools has improved operational resilience and institutional‑grade safeguardsRead more
    • Bangladesh LGED modernizes communication while addressing data security concerns

      Bangladesh LGED modernizes communication while addressing data security concerns

      To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more

    Bottom sidebar

    Other News

    • Sparsa AI Launches Sovereign Enterprise AI Platform with Global Deployment at QNET

      Wednesday, July 8, 2026
      The Sparsa AI Enterprise Operating …Read More »
    • Conifers AI Opens Singapore Data Region, Bringing Local Data Residency to Asia-Pacific Security Teams

      Wednesday, July 8, 2026
      With data regions now spanning …Read More »
    • DXC Opens Flagship AI-first Customer Experience Center in Bengaluru

      Tuesday, July 7, 2026
      Strengthens DXC’s India presence with …Read More »
    • D-Link Brings Advanced AI Fall Detection and Privacy Protection to Home Elderly Care with the New DCS-8610 Wi-Fi Camera

      Monday, July 6, 2026
      Advanced technologies traditionally found in …Read More »
    • ICAC Commissioner attends first IAACA European regional anti-corruption conference in Hungary

      Friday, July 3, 2026
      BUDAPEST, Hungary, July 2, 2026 …Read More »
    • Our Brands
    • DigiconAsia
    • MartechAsia
    • Home
    • About Us
    • Contact Us
    • Sitemap
    • Privacy & Cookies
    • Terms of Use
    • Advertising & Reprint Policy
    • Media Kit
    • Subscribe
    • Manage Subscriptions
    • Newsletter

    Copyright © 2026 CybersecAsia All Rights Reserved.