APAC accounted for more than one-third of global cyber offensive in 2024 according to IBM's X-Force Threat Intelligence Index 2025. Collectively Asia Pacific and America accounted for nearly 60% of all attacks that IBM X-Force responded to globally.
The 64-page 2025 report tracks new and existing trends and attack patterns — pulling from incident response engagements, dark web data, and other threat intelligence sources. The report further reveals that the manufacturing sector remained the most targeted industry, with ransomware being the most common "action on objective" in the region.
It found that extensive reliance on external remote services (45%) and vulnerability exploitation (18%) were the most common initial access vectors, underscoring weaknesses in APAC's digital infrastructure.
Some major findings in the 2025 report include:
– The manufacturing sector remained the most targeted industry in APAC, representing 40% of incidents, followed by financial sector. To combat this, businesses must move beyond reactive security strategies and prioritise proactive actions.
– Unlike in other parts of the world, ransomware remains a persistent threat in Asia-Pacific, highlighting its continued profitability for attackers. Installing advanced detection technologies can help organisations close the speed gap and stop threats before they escalate.
– Reliance on legacy technology and slow patching cycles expose critical infrastructure sectors to sophisticated threat actor groups, including nation-state adversaries, escalating the risk of disruption, espionage, and financial extortion.
– In 2024, IBM X-Force observed an uptick in phishing emails delivering infostealers, and early data for 2025 reveals an even greater increase of 180% compared to 2023. Credential phishing and infostealers have made identity attacks cheap, scalable, and highly profitable for threat actors.
– IBM X-Force observed that ransomware operators have shifted to lower-risk models, with identity attacks surging to fill the void. International takedown efforts are pushing ransomware actors to restructure high-risk models toward more distributed, lower-risk operations.
– AI threats are evolving and security researchers are racing to identify and fix vulnerabilities before cybercriminals exploit AI-driven cyberattacks.
– Manufacturing was the most attacked industry for the fourth consecutive year. Continuing to face the highest number of ransomware cases, this sector's extremely low tolerance for downtime makes the ROI and related security benefits of encryption highly attractive.
– Linux threats are rising. In collaboration with Red Hat Insights, IBM X-Force found that more than half of Red Hat Enterprise Linux customers' environments had not deployed a patch for at least one critical CVE in their environment, and 18% had not patched five or more.