MANILA, PHILIPPINES—Palo Alto Networks, a global leader in cybersecurity, has released the 2025 Unit 42 Global Incident Response Report, revealing a shift in cyber attack tactics. Threat actors are moving beyond traditional ransomware and data theft to focus on business disruption, AI-assisted attacks, and insider threats. According to the report, nearly half of the security incidents (44%) involved a web browser.
In the Philippines, industry players are increasingly proactive in building a digital resilience framework. The Department of Information and Communications Technology (DICT) reports that government agencies, academic institutions, and telecommunications companies remain top targets for cybercriminals, with 10% of attacks aimed at the banking and healthcare sectors. To address these threats, the Central Bank of the Philippines is working to establish a cyber resilience council to protect financial infrastructure.
As cyber threats grow globally, regulators are enhancing Zero Trust frameworks, adopting AI-powered security solutions, and tightening compliance measures. The shift from financial extortion to full-scale business disruption means that organizations must rethink their cyber defenses, especially those relying on cloud services and third-party vendors.
The 2025 Unit 42 report highlights key findings, including:
- Operational Disruption as a Primary Goal: In 2024, 86% of incidents led to operational downtime or reputational damage.
- Surge in Insider Threats Linked to North Korea: Cases tripled in 2024, with advanced attack techniques making detection more difficult.
- Accelerated Data Exfiltration: Attackers are stealing data three times faster than in 2021, with 25% of cases seeing data stolen within five hours.
- Expanded Attack Surfaces: 70% of incidents involved three or more attack vectors, with web browsers accounting for 44% of attacks.
- Phishing Resurges: 23% of attacks began with phishing, aided by scalable and sophisticated GenAI tactics.
“Cybercriminals are no longer just stealing data—they’re taking down entire operations,” said Philippa Cogswell, Vice President and Managing Partner, Unit 42, Asia-Pacific & Japan, Palo Alto Networks. “Businesses must adopt AI-driven, automated security solutions to stay ahead of these evolving threats.”
“As cyber threats shift from data theft to operational disruption, organizations must reassess their cybersecurity strategies,” said Steven Scheurmann, Regional Vice President, ASEAN, Palo Alto Networks. “In the Philippines, building cyber resilience requires both advanced technology and stronger public-private collaboration.”
The data for this report comes from over 500 cases Unit 42 responded to between October 2023 and December 2024, as well as from earlier cases dating back to 2021. The affected organizations were based in 38 countries, including the U.S., Europe, the Middle East, and Asia-Pacific.
To download the full report, visit: Palo Alto Networks 2025 Unit 42 Report.
