Stolen credentials are most frequently used to intrude in APAC, expert reveals

Oh Jin-suk, the head of security engineers in South Korea and North Asia at Mandiant, now officially owned by Google, is delivering his presentation at a press briefing in Seoul on May 17. Photo by Kuksung Nam

By Kuksung Nam, The Readable
May 17, 2023 7:19PM GMT+9

Cybercriminals actively used stolen credentials to gain initial access to their targets in the Asia-Pacific (APAC) region last year, according to a cybersecurity expert on Wednesday.

Oh Jin-suk, the head of security engineers in South Korea and North Asia at Mandiant, now officially owned by Google, stated that the most prevalent initial intrusion method against organizations in APAC was the reuse of extorted credentials. The company issued a report last April which analyzed approximately 1,100 incident response cases from January 1 to December 31, 2022.

The expert described this practice as “the worst,” compared to other methods mostly used in North and South America, as well as Europe, the Middle East, and Africa (EMEA). According to the report, the most prominent initial intrusion method in North and South America was the use of exploits, which made up 38%. In EMEA, phishing attacks were the most deployed, making up 40%.

“If attackers are in an environment where they cannot reuse extorted credentials, they have to go to great lengths to get the accounts or authorization they need,” explained the expert to The Readable. “However, if they can gain such information easily, even beginners can deploy a cyberattack.” It is also worth noting that attackers focus on maximizing their monetary returns when they buy the extorted data.

Moreover, the cybersecurity expert shared his assumptions regarding the regional differences in initial intrusion practices. “Other countries apart from APAC have a well-established incident reporting process,” said Oh to The Readable. “However, there are not many countries in APAC which have such procedures. This makes this region a more favorable environment for attackers to trade stolen information.”
