One qualitative conclusion in a cybersecurity firm’s annual threat analysis is that cybercrime has evolved into a complex, self-sustaining chain reaction
Based on a yearly data-driven process of analyzing the cybercrime landscape*, a cybersecurity firm has released a 2025 report containing its findings of cybercrime trends in 2024.
First, over 20% of recorded Advanced Persistent Threat (APT) attacks in data analyzed between 2023 and 2024 had targeted the Asia Pacific region (APAC).
Second, data showed that in 2024, Indonesia had experienced the second-highest number of APT-related cyberattacks in 2024, accounting for 7% of all incidents in the region. The runner-up was data linked to Malaysia, making up 5% of all incidents in the region.
Other findings
Third, in terms of regional cyberattacks, data showed that in May 2024, North Korean APT group Lazarus had stolen over US$308m in cryptocurrency from Japan’s DMM. Also:
- APAC data analyzed included 467 ransomware-related attacks, with real estate, manufacturing, and financial services among the top targeted industries.
- In the APAC data, Indonesia and Thailand ranked among the top 10 global markets affected by dark web data leaks.
- APAC data was found in nearly 40% of hacktivism-related attacks examined, with India alone making up almost 13%. Hacktivist groups such as ETHERSEC TEAM CYBER from Indonesia and RipperSec from Malaysia were particularly active.
- The 2024 data analyzed showed 3,055 corporate access listings sold by Initial Access Brokers on dark web marketplaces, a 15% year-over-year increase, with 427 instances affecting APAC: Indonesia, Thailand, and Singapore accounted for 6% of these incidents each.
- Underground recruitment efforts for ransomware affiliates had increased by 44% in the data analyzed, indicating the possible industrialization of cyber extortion activities.
According to Dmitry Volkov, CEO, Group-IB, the firm releasing its cyber threat landscape findings for 2024: “Geopolitics is destabilized by espionage, which is fueled by data breaches, while at the same time ransomware exploits these breaches, all contributing to an ever-growing cyber threat landscape. Organizations must adopt proactive security strategies, fortify cyber resilience, and recognize that every cyber threat feeds into a larger, interconnected battle. To mitigate these threats, we must disrupt the cycle by enhancing cooperation and building a global framework to fight against cybercrime.”
*disclosed as “a combination of deep local threat intelligence and a global analytical perspective” built on proprietary research, intelligence gathering, and real-world cybercrime investigations via “unique tools that monitor dark web forums, dedicated leak sites, and underground marketplaces” to identify and confirm trends in advanced persistent threats (APT), hacktivist activity, ransomware operations, initial access brokers, compromised hosts, data leaks, phishing, and scams.”
