New data on the number of cyberattacks in 2021 shows that for the Asia Pacific, government departments were targeted the most.
Tenable has produced a report analysing 236 cyber breaches that exposed more than 3 billion records in the APAC between November 2020 and October 2021. The breaches in the region represented 8.6% of the global tally, which was regarded as a ‘considerable increase’ on the number of cyber breaches recorded in the same period in the 12 months prior.
Government departments topped the list of targeted organisations for the recorded APAC incidents, with ransomware groups preferring physical supply chain disruption to extort payment. Criminals also used cyber espionage campaigns exploited the software supply chain to access sensitive data, the report found.
In addition to government agencies, other at-risk targets for the year ahead include healthcare, education and technology companies. All these sectors were attractive to threat actors, the report said.
The report noted that the number of records exposed was likely to be significantly higher given that 87% of recorded breach disclosures did not include information about the number of records exposed.
The report highlighted ransomware and unpatched vulnerabilities as two of the main root causes that resulted in data breaches and cyber incidents. This trend was consistent with a 2020-21 report produced by the Australian Cyber Security Centre, the researchers noted.
Tenable’s Satnam Narang said that most of the region’s data breaches stemmed from the same origins, posing a multifaceted threat landscape for Australian security leaders.
“With many organisations accelerating their digital transformation and adoption of SaaS solutions, and the democratisation of hybrid work models, the nature of an organisation’s network has changed drastically,” Narang said.
“It is essential that security leaders focus on building a stronger understanding of all the potential attack paths on their systems, and leverage available security frameworks to bolster their cyber defences.”
The report also found that 10% of breaches in APAC were the result of unsecured cloud databases, higher than the global average (6%).
Other notable trends in 2021 included an increase in the number of reported common vulnerabilities and exposures (21,957), which was a 19.6% increase on the year before. Compared with figures from 2016, last year’s number grew by 241%.
The ‘Threat Landscape Retrospective’ report was published this week.