Trusted Relationships and Exploits in Public Apps Drive Main Attack Vectors

Key Cyber Attack Vectors in 2025
The main initial vectors for cyber attacks in 2025 have remained largely consistent with those observed in 2024. However, their combined share has increased to over 80%. Exploits in public-facing applications account for 43.7% of attacks, while trusted relationships have seen a notable rise from 12.7% in 2024 to 15.5% in 2025. Valid accounts make up 25.4%. These findings come from the recent Global Report by Kaspersky Security Services.
The ‘Anatomy of a Cyber World’ Report
The ‘Anatomy of a Cyber World’ is an in-depth global report that analyzes incident data collected in 2025. It draws on information from Kaspersky Managed Detection and Response, Kaspersky Incident Response, Kaspersky Compromise Assessment, and Kaspersky SOC Consulting. This report provides insights into the most common attacker tactics, techniques, and tools, as well as the peculiarities of detected incidents and their distribution across regions and industries.
Stability in Initial Attack Vectors
According to data from Kaspersky Incident Response, the top three initial attack vectors have remained relatively stable over the past seven years. Valid accounts and exploits in public-facing applications continue to be the most common entry points for attackers. The third position has experienced some shifts over time: malicious emails, once a prevalent initial vector, were replaced by trusted relationships, which first appeared in the top three in 2023. By 2025, the distribution of main attack vectors looked as follows:
- Public-facing applications: 43.7%
- Trusted relationships: 15.5%
- Valid accounts: 25.4%
These attack vectors are often interconnected within the same attack chain. For instance, organizations compromised through trusted relationships are frequently breached via exploits in public-facing applications. Recent cases reveal that attackers target service providers or IT integrators to gain access to their clients' systems.
Vulnerabilities in Small Service Providers
This issue is exacerbated by the fact that many small service providers lack dedicated cybersecurity expertise and resources. These companies often manage accounting software or websites, and breaches in such firms can lead to the compromise of their clients’ systems through exploited remote access.
Duration and Impact of Attacks
When examining the investigated attacks in terms of duration and impact, the data shows that the majority (50.9%) of them were rapid in nature, typically lasting less than a day and most often resulting in file encryption. A significant portion (33%) were long-lasting, with an average duration of 108 hours. During this time, attackers not only encrypted files but also installed persistence mechanisms, compromised Active Directory, and caused data leakage.
The remaining 16.1% exhibited a hybrid pattern: they initially appeared as rapid attacks but involved a considerable delay between the initial breach and subsequent malicious activities, extending their overall duration to nearly 19 days.
Proactive Security Measures
“Given that attackers are increasingly orchestrating coordinated, multi-stage attacks, organizations cannot afford to rely on a reactive, 'firefighting' approach. To counter this, a proactive security posture is essential, one that embeds real-time threat monitoring and continuous detection into everyday operations. This enables defenders to respond swiftly to adversary activity before it escalates. Key measures for protecting digital assets against both rapid intrusions and long-term compromises include: timely patching, enforcement of multi-factor authentication and strict control of third-party access,” comments Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky.
Conclusion
The evolving threat landscape highlights the need for organizations to adopt a more comprehensive and proactive approach to cybersecurity. As attack methods become more sophisticated, businesses must ensure they have robust defenses in place to protect their digital assets and prevent potential breaches. With the right strategies and tools, companies can significantly reduce their risk exposure and better defend against emerging threats.