Connect with us

Hi, what are you looking for?

White Papers

Operational disruption now primary goal of cyber attacks — Palo Alto Networks

The Department of Information and Communications Technology (DICT) reports that government agencies, academic institutions, and telecommunications companies remain prime targets for cyber criminals, with 10% of attacks targeted at the banking and healthcare sectors.

Palo Alto Networks, the global cybersecurity player, released the 2025 Unit 42 Global Incident Response Report, which found that threat actors are now evolving their tactics, moving beyond traditional ransomware and data theft to focus on business disruption, AI-assisted attacks, and insider threats. According to the report, almost half of the security incidents (44%) involved a web browser.

In the Philippines, industry players are taking a more proactive approach to building a security framework for digital resilience. The Department of Information and Communications Technology (DICT) reports that government agencies, academic institutions, and telecommunications companies remain prime targets for cyber criminals, with 10% of attacks targeted at the banking and healthcare sectors.

Recognizing the urgent need for stronger cybersecurity measures, key institutions such as the country’s Central Bank are working to establish a targeted cyber resilience council to protect financial infrastructure.

As financial institutions, healthcare providers, and government agencies across the globe face an unprecedented cyber threat landscape, regional regulators are strengthening Zero Trust frameworks, adopting AI-powered security solutions, and enforcing stricter compliance measures.

Advertisement. Scroll to continue reading.

The shift from financial extortion to full-scale business disruption means enterprises must rethink their cyber defenses before an attack happens, particularly in sectors that rely on cloud and third-party vendors.

The 2025 Unit 42 Global Incident Response Report, which analyzed hundreds of major cyber incidents, aims to highlight how the increased sophistication of malicious actors is amplifying the challenges faced by businesses worldwide. 

Key findings of the 2025 Unit 42 Global Incident Response Report include:

  • Operational Disruption as a Primary Goal: Attackers are prioritizing sabotage over data theft, aiming to cripple businesses and maximize extortion. In 2024, 86% of incidents led to operational downtime or reputational damage.
  • Surge in Insider Threats Linked to North Korea: Cases tripled in 2024, with operatives targeting contract-based technical roles at major tech firms, financial services, media, and government defense contractors. Advanced techniques, including hardware-based KVM-over-IP devices and Visual Studio Code tunneling, make detection more challenging.
  • Accelerated Data Exfiltration: Attackers are exfiltrating data three times faster than in 2021, with 25% of cases seeing data stolen within five hours, and nearly 20% occurring in under an hour.
  • Expanded Attack Surfaces: 70% of incidents involved three or more attack vectors, underscoring the need for comprehensive security across endpoints, networks, cloud environments, and human vulnerabilities. Web browsers remain a weak link, facilitating 44% of attacks via phishing, malicious redirects, and malware downloads.
  • Phishing Resurges as Top Entry Point: 23% of attacks began with phishing, overtaking vulnerabilities as the leading attack vector. GenAI has made phishing campaigns more scalable, sophisticated, and difficult to detect.

“Cyber criminals targeting organizations in the Asia-Pacific and Japan region are no longer just stealing data, they are actively taking down entire operations,” said Philippa Cogswell, Vice President and Managing Partner, Unit 42, Asia-Pacific & Japan, Palo Alto Networks. “Traditional approaches to cybersecurity are no longer sufficient in addressing the visibility gaps and complexity challenges that organisations face today. To stay ahead of evolving threats, businesses must adopt AI-driven, automated security solutions that can outpace adversaries and provide comprehensive real-time protection.”

“As cyber threats in Asia-Pacific evolve from data theft to full-scale operational disruption, it is crucial for organizations to reassess their cybersecurity strategies, and shift from fragmented approaches towards a unified security approach that prioritizes real-time threat detection, rapid response, and actionable threat intelligence,” said Steven Scheurmann, Regional Vice President, ASEAN, Palo Alto Networks. “In the Philippines, where critical sectors like finance, healthcare, and government are increasingly reliant on digital infrastructure, building cyber resilience requires not only advanced technological capabilities but also a deeper and stronger collaboration between public and private stakeholders to safeguard the nation’s digital future.”

Data for this report was sourced from more than 500 cases Unit 42 responded to between October 2023 and December 2024, as well as from other case data going back to 2021. The affected organizations were headquartered in 38 unique countries, including the U.S. and those based in Europe, the Middle East, and Asia-Pacific.

Advertisement. Scroll to continue reading.


To download the full report, visit: https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The campaigns show attackers are capitalizing on people’s increasing familiarity with completing multiple authentication steps online – a trend HP calls ‘click tolerance’. 

White Papers

IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on...

HEADLINES

Kaspersky participated in 95 independent tests and reviews, with its products being awarded first place 91 times and 92 TOP3 finishes, achieving the highest results among...

HEADLINES

‘Wangiri’ originated in Japan in the early 2000’s. The term describes the modus. ‘Wan’ is a play on the word ‘one’ while ‘giri’ means...

HEADLINES

Smart and its value brand TNT do not send text messages with clickable links. If you receive one—even if it looks like it’s from...

White Papers

n the Philippines, industry players are taking a more proactive approach to building a security framework for digital resilience.

HEADLINES

This marks the company’s first participation in the region’s premier tech event, where it will showcase its groundbreaking cybersecurity solutions to industry leaders, innovators,...

HEADLINES

A report found that the primary way attackers gained initial access to networks (56% of all cases across MDR and IR) was by exploiting...

Advertisement